Produced by Araxis Merge on Sat Jul 11 14:48:15 2015 UTC. See www.araxis.com for information about Merge.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | C:\Users\neominds\Desktop\WRSSL_OPSSL\work\OpenSSL_1.0.1\openssl-1.0.1o_WR_DIR_STRUCTURE\ssl\openssl | CHANGES | Fri Jun 12 15:21:00 2015 UTC |
| 2 | C:\Users\neominds\Desktop\WRSSL_OPSSL\work\WR_SSL_VxWorks62\ssl\openssl | CHANGES | Thu Sep 29 06:38:06 2005 UTC |
| Description | Text Blocks | Lines |
|---|---|---|
| Unchanged | 19 | 15002 |
| Changed | 15 | 159 |
| Inserted | 0 | 0 |
| Removed | 3 | 2773 |

| Comparison option | Setting |
|---|---|
| Whitespace | |
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | 1 | |||||
| 2 | OpenSSL C HANGES | 2 | OpenSSL C HANGES | |||
| 3 | _________ ______ | 3 | _________ ______ | |||
| 4 | 4 | |||||
| 5 | Changes b etween 1.0 .1n and 1. 0.1o [12 J un 2015] | |||||
| 6 | ||||||
| 7 | *) Fix H MAC ABI in compatibil ity. The p revious ve rsion intr oduced an ABI | |||||
| 8 | incom patibility in the ha ndling of HMAC. The previous A BI has now been | |||||
| 9 | resto red. | |||||
| 10 | ||||||
| 11 | Changes b etween 1.0 .1m and 1. 0.1n [11 J un 2015] | |||||
| 12 | ||||||
| 13 | *) Malfo rmed ECPar ameters ca uses infin ite loop | |||||
| 14 | ||||||
| 15 | When processing an ECPara meters str ucture Ope nSSL enter s an infin ite loop | |||||
| 16 | if th e curve sp ecified is over a sp ecially ma lformed bi nary polyn omial | |||||
| 17 | field . | |||||
| 18 | ||||||
| 19 | This can be use d to perfo rm denial of service against a ny | |||||
| 20 | syste m which pr ocesses pu blic keys, certifica te request s or | |||||
| 21 | certi ficates. This inclu des TLS cl ients and TLS server s with | |||||
| 22 | clien t authenti cation ena bled. | |||||
| 23 | ||||||
| 24 | This issue was reported t o OpenSSL by Joseph Barr-Pixto n. | |||||
| 25 | (CVE- 2015-1788) | |||||
| 26 | [Andy Polyakov] | |||||
| 27 | ||||||
| 28 | *) Explo itable out -of-bounds read in X 509_cmp_ti me | |||||
| 29 | ||||||
| 30 | X509_ cmp_time d oes not pr operly che ck the len gth of the ASN1_TIME | |||||
| 31 | strin g and can read a few bytes out of bounds . In addit ion, | |||||
| 32 | X509_ cmp_time a ccepts an arbitrary number of fractional seconds i n the | |||||
| 33 | time string. | |||||
| 34 | ||||||
| 35 | An at tacker can use this to craft m alformed c ertificate s and CRLs of | |||||
| 36 | vario us sizes a nd potenti ally cause a segment ation faul t, resulti ng in | |||||
| 37 | a DoS on applic ations tha t verify c ertificate s or CRLs. TLS clien ts | |||||
| 38 | that verify CRL s are affe cted. TLS clients an d servers with clien t | |||||
| 39 | authe ntication enabled ma y be affec ted if the y use cust om verific ation | |||||
| 40 | callb acks. | |||||
| 41 | ||||||
| 42 | This issue was reported t o OpenSSL by Robert Swiecki (G oogle), an d | |||||
| 43 | indep endently b y Hanno Bö ck. | |||||
| 44 | (CVE- 2015-1789) | |||||
| 45 | [Emil ia Käsper] | |||||
| 46 | ||||||
| 47 | *) PKCS7 crash wit h missing EnvelopedC ontent | |||||
| 48 | ||||||
| 49 | The P KCS#7 pars ing code d oes not ha ndle missi ng inner E ncryptedCo ntent | |||||
| 50 | corre ctly. An a ttacker ca n craft ma lformed AS N.1-encode d PKCS#7 b lobs | |||||
| 51 | with missing co ntent and trigger a NULL point er derefer ence on pa rsing. | |||||
| 52 | ||||||
| 53 | Appli cations th at decrypt PKCS#7 da ta or othe rwise pars e PKCS#7 | |||||
| 54 | struc tures from untrusted sources a re affecte d. OpenSSL clients a nd | |||||
| 55 | serve rs are not affected. | |||||
| 56 | ||||||
| 57 | This issue was reported t o OpenSSL by Michal Zalewski ( Google). | |||||
| 58 | (CVE- 2015-1790) | |||||
| 59 | [Emil ia Käsper] | |||||
| 60 | ||||||
| 61 | *) CMS v erify infi nite loop with unkno wn hash fu nction | |||||
| 62 | ||||||
| 63 | When verifying a signedDa ta message the CMS c ode can en ter an inf inite loop | |||||
| 64 | if pr esented wi th an unkn own hash f unction OI D. This ca n be used to perform | |||||
| 65 | denia l of servi ce against any syste m which ve rifies sig nedData me ssages usi ng | |||||
| 66 | the C MS code. | |||||
| 67 | This issue was reported t o OpenSSL by Johanne s Bauer. | |||||
| 68 | (CVE- 2015-1792) | |||||
| 69 | [Step hen Henson ] | |||||
| 70 | ||||||
| 71 | *) Race condition handling N ewSessionT icket | |||||
| 72 | ||||||
| 73 | If a NewSession Ticket is received b y a multi- threaded c lient when attemptin g to | |||||
| 74 | reuse a previou s ticket t hen a race condition can occur potential ly leading to | |||||
| 75 | a dou ble free o f the tick et data. | |||||
| 76 | (CVE- 2015-1791) | |||||
| 77 | [Matt Caswell] | |||||
| 78 | ||||||
| 79 | *) Rejec t DH hands hakes with parameter s shorter than 768 b its. | |||||
| 80 | [Kurt Roeckx an d Emilia K asper] | |||||
| 81 | ||||||
| 82 | Changes b etween 1.0 .1l and 1. 0.1m [19 M ar 2015] | |||||
| 83 | ||||||
| 84 | *) Segme ntation fa ult in ASN 1_TYPE_cmp fix | |||||
| 85 | ||||||
| 86 | The f unction AS N1_TYPE_cm p will cra sh with an invalid r ead if an attempt is | |||||
| 87 | made to compare ASN.1 boo lean types . Since AS N1_TYPE_cm p is used to check | |||||
| 88 | certi ficate sig nature alg orithm con sistency t his can be used to c rash any | |||||
| 89 | certi ficate ver ification operation and exploi ted in a D oS attack. Any | |||||
| 90 | appli cation whi ch perform s certific ate verifi cation is vulnerable including | |||||
| 91 | OpenS SL clients and serve rs which e nable clie nt authent ication. | |||||
| 92 | (CVE- 2015-0286) | |||||
| 93 | [Step hen Henson ] | |||||
| 94 | ||||||
| 95 | *) ASN.1 structure reuse mem ory corrup tion fix | |||||
| 96 | ||||||
| 97 | Reusi ng a struc ture in AS N.1 parsin g may allo w an attac ker to cau se | |||||
| 98 | memor y corrupti on via an invalid wr ite. Such reuse is a nd has bee n | |||||
| 99 | stron gly discou raged and is believe d to be ra re. | |||||
| 100 | ||||||
| 101 | Appli cations th at parse s tructures containing CHOICE or ANY DEFIN ED BY | |||||
| 102 | compo nents may be affecte d. Certifi cate parsi ng (d2i_X5 09 and rel ated | |||||
| 103 | funct ions) are however no t affected . OpenSSL clients an d servers are | |||||
| 104 | not a ffected. | |||||
| 105 | (CVE- 2015-0287) | |||||
| 106 | [Step hen Henson ] | |||||
| 107 | ||||||
| 108 | *) PKCS7 NULL poin ter derefe rences fix | |||||
| 109 | ||||||
| 110 | The P KCS#7 pars ing code d oes not ha ndle missi ng outer C ontentInfo | |||||
| 111 | corre ctly. An a ttacker ca n craft ma lformed AS N.1-encode d PKCS#7 b lobs with | |||||
| 112 | missi ng content and trigg er a NULL pointer de reference on parsing . | |||||
| 113 | ||||||
| 114 | Appli cations th at verify PKCS#7 sig natures, d ecrypt PKC S#7 data o r | |||||
| 115 | other wise parse PKCS#7 st ructures f rom untrus ted source s are | |||||
| 116 | affec ted. OpenS SL clients and serve rs are not affected. | |||||
| 117 | ||||||
| 118 | This issue was reported t o OpenSSL by Michal Zalewski ( Google). | |||||
| 119 | (CVE- 2015-0289) | |||||
| 120 | [Emil ia Käsper] | |||||
| 121 | ||||||
| 122 | *) DoS v ia reachab le assert in SSLv2 s ervers fix | |||||
| 123 | ||||||
| 124 | A mal icious cli ent can tr igger an O PENSSL_ass ert (i.e., an abort) in | |||||
| 125 | serve rs that bo th support SSLv2 and enable ex port ciphe r suites b y sending | |||||
| 126 | a spe cially cra fted SSLv2 CLIENT-MA STER-KEY m essage. | |||||
| 127 | ||||||
| 128 | This issue was discovered by Sean B urford (Go ogle) and Emilia Käs per | |||||
| 129 | (Open SSL develo pment team ). | |||||
| 130 | (CVE- 2015-0293) | |||||
| 131 | [Emil ia Käsper] | |||||
| 132 | ||||||
| 133 | *) Use A fter Free following d2i_ECPriv atekey err or fix | |||||
| 134 | ||||||
| 135 | A mal formed EC private ke y file con sumed via the d2i_EC PrivateKey function | |||||
| 136 | could cause a u se after f ree condit ion. This, in turn, could caus e a double | |||||
| 137 | free in several private k ey parsing functions (such as d2i_Privat eKey | |||||
| 138 | or EV P_PKCS82PK EY) and co uld lead t o a DoS at tack or me mory corru ption | |||||
| 139 | for a pplication s that rec eive EC pr ivate keys from untr usted | |||||
| 140 | sourc es. This s cenario is considere d rare. | |||||
| 141 | ||||||
| 142 | This issue was discovered by the Bo ringSSL pr oject and fixed in t heir | |||||
| 143 | commi t 517073cd 4b. | |||||
| 144 | (CVE- 2015-0209) | |||||
| 145 | [Matt Caswell] | |||||
| 146 | ||||||
| 147 | *) X509_ to_X509_RE Q NULL poi nter deref fix | |||||
| 148 | ||||||
| 149 | The f unction X5 09_to_X509 _REQ will crash with a NULL po inter dere ference if | |||||
| 150 | the c ertificate key is in valid. Thi s function is rarely used in p ractice. | |||||
| 151 | ||||||
| 152 | This issue was discovered by Brian Carpenter. | |||||
| 153 | (CVE- 2015-0288) | |||||
| 154 | [Step hen Henson ] | |||||
| 155 | ||||||
| 156 | *) Remov ed the exp ort cipher s from the DEFAULT c iphers | |||||
| 157 | [Kurt Roeckx] | |||||
| 158 | ||||||
| 159 | Changes b etween 1.0 .1k and 1. 0.1l [15 J an 2015] | |||||
| 160 | ||||||
| 161 | *) Build fixes for the Windo ws and Ope nVMS platf orms | |||||
| 162 | [Matt Caswell a nd Richard Levitte] | |||||
| 163 | ||||||
| 164 | Changes b etween 1.0 .1j and 1. 0.1k [8 Ja n 2015] | |||||
| 165 | ||||||
| 166 | *) Fix D TLS segmen tation fau lt in dtls 1_get_reco rd. A care fully craf ted DTLS | |||||
| 167 | messa ge can cau se a segme ntation fa ult in Ope nSSL due t o a NULL p ointer | |||||
| 168 | deref erence. Th is could l ead to a D enial Of S ervice att ack. Thank s to | |||||
| 169 | Marku s Stenberg of Cisco Systems, I nc. for re porting th is issue. | |||||
| 170 | (CVE- 2014-3571) | |||||
| 171 | [Stev e Henson] | |||||
| 172 | ||||||
| 173 | *) Fix D TLS memory leak in d tls1_buffe r_record. A memory l eak can oc cur in the | |||||
| 174 | dtls1 _buffer_re cord funct ion under certain co nditions. In particu lar this | |||||
| 175 | could occur if an attacke r sent rep eated DTLS records w ith the sa me | |||||
| 176 | seque nce number but for t he next ep och. The m emory leak could be exploited | |||||
| 177 | by an attacker in a Denia l of Servi ce attack through me mory exhau stion. | |||||
| 178 | Thank s to Chris Mueller f or reporti ng this is sue. | |||||
| 179 | (CVE- 2015-0206) | |||||
| 180 | [Matt Caswell] | |||||
| 181 | ||||||
| 182 | *) Fix i ssue where no-ssl3 c onfigurati on sets me thod to NU LL. When o penssl is | |||||
| 183 | built with the no-ssl3 op tion and a SSL v3 Cl ientHello is receive d the ssl | |||||
| 184 | metho d would be set to NU LL which c ould later result in a NULL po inter | |||||
| 185 | deref erence. Th anks to Fr ank Schmir ler for re porting th is issue. | |||||
| 186 | (CVE- 2014-3569) | |||||
| 187 | [Kurt Roeckx] | |||||
| 188 | ||||||
| 189 | *) Abort handshake if server key excha nge messag e is omitt ed for eph emeral | |||||
| 190 | ECDH ciphersuit es. | |||||
| 191 | ||||||
| 192 | Thank s to Karth ikeyan Bha rgavan of the PROSEC CO team at INRIA for | |||||
| 193 | repor ting this issue. | |||||
| 194 | (CVE- 2014-3572) | |||||
| 195 | [Stev e Henson] | |||||
| 196 | ||||||
| 197 | *) Remov e non-expo rt ephemer al RSA cod e on clien t and serv er. This c ode | |||||
| 198 | viola ted the TL S standard by allowi ng the use of tempor ary RSA ke ys in | |||||
| 199 | non-e xport ciph ersuites a nd could b e used by a server t o effectiv ely | |||||
| 200 | downg rade the R SA key len gth used t o a value smaller th an the ser ver | |||||
| 201 | certi ficate. Th anks for K arthikeyan Bhargavan of the PR OSECCO tea m at | |||||
| 202 | INRIA or report ing this i ssue. | |||||
| 203 | (CVE- 2015-0204) | |||||
| 204 | [Stev e Henson] | |||||
| 205 | ||||||
| 206 | *) Fixed issue whe re DH clie nt certifi cates are accepted w ithout ver ification. | |||||
| 207 | An Op enSSL serv er will ac cept a DH certificat e for clie nt authent ication | |||||
| 208 | witho ut the cer tificate v erify mess age. This effectivel y allows a client to | |||||
| 209 | authe nticate wi thout the use of a p rivate key . This onl y affects servers | |||||
| 210 | which trust a c lient cert ificate au thority wh ich issues certifica tes | |||||
| 211 | conta ining DH k eys: these are extre mely rare and hardly ever enco untered. | |||||
| 212 | Thank s for Kart hikeyan Bh argavan of the PROSE CCO team a t INRIA or reporting | |||||
| 213 | this issue. | |||||
| 214 | (CVE- 2015-0205) | |||||
| 215 | [Stev e Henson] | |||||
| 216 | ||||||
| 217 | *) Ensur e that the session I D context of an SSL is updated when its | |||||
| 218 | SSL_C TX is upda ted via SS L_set_SSL_ CTX. | |||||
| 219 | ||||||
| 220 | The s ession ID context is typically set from the parent SSL_CTX, | |||||
| 221 | and c an vary wi th the CTX . | |||||
| 222 | [Adam Langley] | |||||
| 223 | ||||||
| 224 | *) Fix v arious cer tificate f ingerprint issues. | |||||
| 225 | ||||||
| 226 | By us ing non-DE R or inval id encodin gs outside the signe d portion of a | |||||
| 227 | certi ficate the fingerpri nt can be changed wi thout brea king the s ignature. | |||||
| 228 | Altho ugh no det ails of th e signed p ortion of the certif icate can be changed | |||||
| 229 | this can cause problems w ith some a pplication s: e.g. th ose using the | |||||
| 230 | certi ficate fin gerprint f or blackli sts. | |||||
| 231 | ||||||
| 232 | 1. Re ject signa tures with non zero unused bit s. | |||||
| 233 | ||||||
| 234 | If th e BIT STRI NG contain ing the si gnature ha s non zero unused bi ts reject | |||||
| 235 | the s ignature. All curren t signatur e algorith ms require zero unus ed bits. | |||||
| 236 | ||||||
| 237 | 2. Ch eck certif icate algo rithm cons istency. | |||||
| 238 | ||||||
| 239 | Check the Algor ithmIdenti fier insid e TBS matc hes the on e in the | |||||
| 240 | certi ficate sig nature. NB : this wil l result i n signatur e failure | |||||
| 241 | error s for some broken ce rtificates . | |||||
| 242 | ||||||
| 243 | Thank s to Konra d Kraszews ki from Go ogle for r eporting t his issue. | |||||
| 244 | ||||||
| 245 | 3. Ch eck DSA/EC DSA signat ures use D ER. | |||||
| 246 | ||||||
| 247 | Reenc ode DSA/EC DSA signat ures and c ompare wit h the orig inal recei ved | |||||
| 248 | signa ture. Retu rn an erro r if there is a mism atch. | |||||
| 249 | ||||||
| 250 | This will rejec t various cases incl uding garb age after signature | |||||
| 251 | (than ks to Antt i Karjalai nen and Tu omo Untine n from the Codenomic on CROSS | |||||
| 252 | progr am for dis covering t his case) and use of BER or in valid ASN. 1 INTEGERs | |||||
| 253 | (nega tive or wi th leading zeroes). | |||||
| 254 | ||||||
| 255 | Furth er analysi s was cond ucted and fixes were developed by Stephe n Henson | |||||
| 256 | of th e OpenSSL core team. | |||||
| 257 | ||||||
| 258 | (CVE- 2014-8275) | |||||
| 259 | [Stev e Henson] | |||||
| 260 | ||||||
| 261 | *) Corr ect Bignum squaring. Bignum sq uaring (BN _sqr) may produce in correct | |||||
| 262 | resu lts on som e platform s, includi ng x86_64. This bug occurs at random | |||||
| 263 | with a very lo w probabil ity, and i s not know n to be ex ploitable in any | |||||
| 264 | way, though it s exact im pact is di fficult to determine . Thanks t o Pieter | |||||
| 265 | Wuil le (Blocks tream) who reported this issue and also suggested an initial | |||||
| 266 | fix. Further a nalysis wa s conducte d by the O penSSL dev elopment t eam and | |||||
| 267 | Adam Langley o f Google. The final fix was de veloped by Andy Poly akov of | |||||
| 268 | the OpenSSL co re team. | |||||
| 269 | (CVE -2014-3570 ) | |||||
| 270 | [And y Polyakov ] | |||||
| 271 | ||||||
| 272 | *) Do n ot resume sessions o n the serv er if the negotiated protocol | |||||
| 273 | vers ion does n ot match t he session 's version . Resuming with a di fferent | |||||
| 274 | vers ion, while not stric tly forbid den by the RFC, is o f question able | |||||
| 275 | sani ty and bre aks all kn own client s. | |||||
| 276 | [Dav id Benjami n, Emilia Käsper] | |||||
| 277 | ||||||
| 278 | *) Tigh ten handli ng of the ChangeCiph erSpec (CC S) message : reject | |||||
| 279 | earl y CCS mess ages durin g renegoti ation. (No te that be cause | |||||
| 280 | rene gotiation is encrypt ed, this e arly CCS w as not exp loitable.) | |||||
| 281 | [Emi lia Käsper ] | |||||
| 282 | ||||||
| 283 | *) Tigh ten client -side sess ion ticket handling during ren egotiation : | |||||
| 284 | ensu re that th e client o nly accept s a sessio n ticket i f the serv er sends | |||||
| 285 | the extension anew in th e ServerHe llo. Previ ously, a T LS client would | |||||
| 286 | reus e the old extension state and thus accep t a sessio n ticket i f one was | |||||
| 287 | anno unced in t he initial ServerHel lo. | |||||
| 288 | ||||||
| 289 | Simi larly, ens ure that t he client requires a session t icket if o ne | |||||
| 290 | was advertised in the Se rverHello. Previousl y, a TLS c lient woul d | |||||
| 291 | igno re a missi ng NewSess ionTicket message. | |||||
| 292 | [Emi lia Käsper ] | |||||
| 293 | ||||||
| 294 | Changes b etween 1.0 .1i and 1. 0.1j [15 O ct 2014] | |||||
| 295 | ||||||
| 296 | *) SRTP Memory Lea k. | |||||
| 297 | ||||||
| 298 | A fla w in the D TLS SRTP e xtension p arsing cod e allows a n attacker , who | |||||
| 299 | sends a careful ly crafted handshake message, to cause O penSSL to fail | |||||
| 300 | to fr ee up to 6 4k of memo ry causing a memory leak. This could be | |||||
| 301 | explo ited in a Denial Of Service at tack. This issue aff ects OpenS SL | |||||
| 302 | 1.0.1 server im plementati ons for bo th SSL/TLS and DTLS regardless of | |||||
| 303 | wheth er SRTP is used or c onfigured. Implement ations of OpenSSL th at | |||||
| 304 | have been compi led with O PENSSL_NO_ SRTP defin ed are not affected. | |||||
| 305 | ||||||
| 306 | The f ix was dev eloped by the OpenSS L team. | |||||
| 307 | (CVE- 2014-3513) | |||||
| 308 | [Open SSL team] | |||||
| 309 | ||||||
| 310 | *) Sessi on Ticket Memory Lea k. | |||||
| 311 | ||||||
| 312 | When an OpenSSL SSL/TLS/D TLS server receives a session ticket the | |||||
| 313 | integ rity of th at ticket is first v erified. I n the even t of a ses sion | |||||
| 314 | ticke t integrit y check fa iling, Ope nSSL will fail to fr ee memory | |||||
| 315 | causi ng a memor y leak. By sending a large num ber of inv alid sessi on | |||||
| 316 | ticke ts an atta cker could exploit t his issue in a Denia l Of Servi ce | |||||
| 317 | attac k. | |||||
| 318 | (CVE- 2014-3567) | |||||
| 319 | [Stev e Henson] | |||||
| 320 | ||||||
| 321 | *) Build option no -ssl3 is i ncomplete. | |||||
| 322 | ||||||
| 323 | When OpenSSL is configure d with "no -ssl3" as a build op tion, serv ers | |||||
| 324 | could accept an d complete a SSL 3.0 handshake , and clie nts could be | |||||
| 325 | confi gured to s end them. | |||||
| 326 | (CVE- 2014-3568) | |||||
| 327 | [Akam ai and the OpenSSL t eam] | |||||
| 328 | ||||||
| 329 | *) Add s upport for TLS_FALLB ACK_SCSV. | |||||
| 330 | Clien t applicat ions doing fallback retries sh ould call | |||||
| 331 | SSL_s et_mode(s, SSL_MODE_ SEND_FALLB ACK_SCSV). | |||||
| 332 | (CVE- 2014-3566) | |||||
| 333 | [Adam Langley, Bodo Moell er] | |||||
| 334 | ||||||
| 335 | *) Add a dditional DigestInfo checks. | |||||
| 336 | ||||||
| 337 | Reenc ode Digest Into in DE R and chec k against the origin al when | |||||
| 338 | verif ying RSA s ignature: this will reject any improperl y encoded | |||||
| 339 | Diges tInfo stru ctures. | |||||
| 340 | ||||||
| 341 | Note: this is a precautio nary measu re and no attacks ar e currentl y known. | |||||
| 342 | ||||||
| 343 | [Stev e Henson] | |||||
| 344 | ||||||
| 345 | Changes b etween 1.0 .1h and 1. 0.1i [6 Au g 2014] | |||||
| 346 | ||||||
| 347 | *) Fix S RP buffer overrun vu lnerabilit y. Invalid parameter s passed t o the | |||||
| 348 | SRP c ode can be overrun a n internal buffer. A dd sanity check that | |||||
| 349 | g, A, B < N to SRP code. | |||||
| 350 | ||||||
| 351 | Thank s to Sean Devlin and Watson La dd of Cryp tography S ervices, N CC | |||||
| 352 | Group for disco vering thi s issue. | |||||
| 353 | (CVE- 2014-3512) | |||||
| 354 | [Stev e Henson] | |||||
| 355 | ||||||
| 356 | *) A fla w in the O penSSL SSL /TLS serve r code cau ses the se rver to ne gotiate | |||||
| 357 | TLS 1 .0 instead of higher protocol versions w hen the Cl ientHello message | |||||
| 358 | is ba dly fragme nted. This allows a man-in-the -middle at tacker to force a | |||||
| 359 | downg rade to TL S 1.0 even if both t he server and the cl ient suppo rt a | |||||
| 360 | highe r protocol version, by modifyi ng the cli ent's TLS records. | |||||
| 361 | ||||||
| 362 | Thank s to David Benjamin and Adam L angley (Go ogle) for discoverin g and | |||||
| 363 | resea rching thi s issue. | |||||
| 364 | (CVE- 2014-3511) | |||||
| 365 | [Davi d Benjamin ] | |||||
| 366 | ||||||
| 367 | *) OpenS SL DTLS cl ients enab ling anony mous (EC)D H ciphersu ites are s ubject | |||||
| 368 | to a denial of service at tack. A ma licious se rver can c rash the c lient | |||||
| 369 | with a null poi nter deref erence (re ad) by spe cifying an anonymous (EC)DH | |||||
| 370 | ciphe rsuite and sending c arefully c rafted han dshake mes sages. | |||||
| 371 | ||||||
| 372 | Thank s to Felix Gröbert ( Google) fo r discover ing and re searching this | |||||
| 373 | issue . | |||||
| 374 | (CVE- 2014-3510) | |||||
| 375 | [Emil ia Käsper] | |||||
| 376 | ||||||
| 377 | *) By se nding care fully craf ted DTLS p ackets an attacker c ould cause openssl | |||||
| 378 | to le ak memory. This can be exploit ed through a Denial of Service attack. | |||||
| 379 | Thank s to Adam Langley fo r discover ing and re searching this issue . | |||||
| 380 | (CVE- 2014-3507) | |||||
| 381 | [Adam Langley] | |||||
| 382 | ||||||
| 383 | *) An at tacker can force ope nssl to co nsume larg e amounts of memory whilst | |||||
| 384 | proce ssing DTLS handshake messages. This can be exploit ed through a | |||||
| 385 | Denia l of Servi ce attack. | |||||
| 386 | Thank s to Adam Langley fo r discover ing and re searching this issue . | |||||
| 387 | (CVE- 2014-3506) | |||||
| 388 | [Adam Langley] | |||||
| 389 | ||||||
| 390 | *) An at tacker can force an error cond ition whic h causes o penssl to crash | |||||
| 391 | whils t processi ng DTLS pa ckets due to memory being free d twice. T his | |||||
| 392 | can b e exploite d through a Denial o f Service attack. | |||||
| 393 | Thank s to Adam Langley an d Wan-Teh Chang for discoverin g and rese arching | |||||
| 394 | this issue. | |||||
| 395 | (CVE- 2014-3505) | |||||
| 396 | [Adam Langley] | |||||
| 397 | ||||||
| 398 | *) If a multithrea ded client connects to a malic ious serve r using a resumed | |||||
| 399 | sessi on and the server se nds an ec point form at extensi on it coul d write | |||||
| 400 | up to 255 bytes to freed memory. | |||||
| 401 | ||||||
| 402 | Thank s to Gabor Tyukasz ( LogMeIn In c) for dis covering a nd researc hing this | |||||
| 403 | issue . | |||||
| 404 | (CVE- 2014-3509) | |||||
| 405 | [Gabo r Tyukasz] | |||||
| 406 | ||||||
| 407 | *) A mal icious ser ver can cr ash an Ope nSSL clien t with a n ull pointe r | |||||
| 408 | deref erence (re ad) by spe cifying an SRP ciphe rsuite eve n though i t was not | |||||
| 409 | prope rly negoti ated with the client . This can be exploi ted throug h a | |||||
| 410 | Denia l of Servi ce attack. | |||||
| 411 | ||||||
| 412 | Thank s to Joona s Kuorileh to and Rik u Hietamäk i (Codenom icon) for | |||||
| 413 | disco vering and researchi ng this is sue. | |||||
| 414 | (CVE- 2014-5139) | |||||
| 415 | [Stev e Henson] | |||||
| 416 | ||||||
| 417 | *) A fla w in OBJ_o bj2txt may cause pre tty printi ng functio ns such as | |||||
| 418 | X509_ name_oneli ne, X509_n ame_print_ ex et al. to leak so me informa tion | |||||
| 419 | from the stack. Applicati ons may be affected if they ec ho pretty printing | |||||
| 420 | outpu t to the a ttacker. | |||||
| 421 | ||||||
| 422 | Thank s to Ivan Fratric (G oogle) for discoveri ng this is sue. | |||||
| 423 | (CVE- 2014-3508) | |||||
| 424 | [Emil ia Käsper, and Steve Henson] | |||||
| 425 | ||||||
| 426 | *) Fix e c_GFp_simp le_points_ make_affin e (thus, E C_POINTs_m ul etc.) | |||||
| 427 | for c orner case s. (Certai n input po ints at in finity cou ld lead to | |||||
| 428 | bogus results, with non-i nfinity in puts mappe d to infin ity too.) | |||||
| 429 | [Bodo Moeller] | |||||
| 430 | ||||||
| 431 | Changes b etween 1.0 .1g and 1. 0.1h [5 Ju n 2014] | |||||
| 432 | ||||||
| 433 | *) Fix f or SSL/TLS MITM flaw . An attac ker using a carefull y crafted | |||||
| 434 | hands hake can f orce the u se of weak keying ma terial in OpenSSL | |||||
| 435 | SSL/T LS clients and serve rs. | |||||
| 436 | ||||||
| 437 | Thank s to KIKUC HI Masashi (Lepidum Co. Ltd.) for discov ering and | |||||
| 438 | resea rching thi s issue. ( CVE-2014-0 224) | |||||
| 439 | [KIKU CHI Masash i, Steve H enson] | |||||
| 440 | ||||||
| 441 | *) Fix D TLS recurs ion flaw. By sending an invali d DTLS han dshake to an | |||||
| 442 | OpenS SL DTLS cl ient the c ode can be made to r ecurse eve ntually cr ashing | |||||
| 443 | in a DoS attack . | |||||
| 444 | ||||||
| 445 | Thank s to Imre Rad (Searc h-Lab Ltd. ) for disc overing th is issue. | |||||
| 446 | (CVE- 2014-0221) | |||||
| 447 | [Imre Rad, Stev e Henson] | |||||
| 448 | ||||||
| 449 | *) Fix D TLS invali d fragment vulnerabi lity. A bu ffer overr un attack can | |||||
| 450 | be tr iggered by sending i nvalid DTL S fragment s to an Op enSSL DTLS | |||||
| 451 | clien t or serve r. This is potential ly exploit able to ru n arbitrar y | |||||
| 452 | code on a vulne rable clie nt or serv er. | |||||
| 453 | ||||||
| 454 | Thank s to Jüri Aedla for reporting this issue . (CVE-201 4-0195) | |||||
| 455 | [Jüri Aedla, St eve Henson ] | |||||
| 456 | ||||||
| 457 | *) Fix b ug in TLS code where clients e nable anon ymous ECDH ciphersui tes | |||||
| 458 | are s ubject to a denial o f service attack. | |||||
| 459 | ||||||
| 460 | Thank s to Felix Gröbert a nd Ivan Fr atric at G oogle for discoverin g | |||||
| 461 | this issue. (CV E-2014-347 0) | |||||
| 462 | [Feli x Gröbert, Ivan Frat ric, Steve Henson] | |||||
| 463 | ||||||
| 464 | *) Harmo nize versi on and its documenta tion. -f f lag is use d to displ ay | |||||
| 465 | compi lation fla gs. | |||||
| 466 | [manc ha <mancha 1@zoho.com >] | |||||
| 467 | ||||||
| 468 | *) Fix e ckey_priv_ encode so it immedia tely retur ns an erro r upon a f ailure | |||||
| 469 | in i2 d_ECPrivat eKey. | |||||
| 470 | [manc ha <mancha 1@zoho.com >] | |||||
| 471 | ||||||
| 472 | *) Fix s ome double frees. Th ese are no t thought to be expl oitable. | |||||
| 473 | [manc ha <mancha 1@zoho.com >] | |||||
| 474 | ||||||
| 475 | Changes b etween 1.0 .1f and 1. 0.1g [7 Ap r 2014] | |||||
| 476 | ||||||
| 477 | *) A mis sing bound s check in the handl ing of the TLS heart beat exten sion | |||||
| 478 | can b e used to reveal up to 64k of memory to a connecte d client o r | |||||
| 479 | serve r. | |||||
| 480 | ||||||
| 481 | Thank s for Neel Mehta of Google Sec urity for discoverin g this bug and to | |||||
| 482 | Adam Langley <a gl@chromiu m.org> and Bodo Moel ler <bmoel ler@acm.or g> for | |||||
| 483 | prepa ring the f ix (CVE-20 14-0160) | |||||
| 484 | [Adam Langley, Bodo Moell er] | |||||
| 485 | ||||||
| 486 | *) Fix f or the att ack descri bed in the paper "Re covering O penSSL | |||||
| 487 | ECDSA Nonces Us ing the FL USH+RELOAD Cache Sid e-channel Attack" | |||||
| 488 | by Yu val Yarom and Naomi Benger. De tails can be obtaine d from: | |||||
| 489 | http: //eprint.i acr.org/20 14/140 | |||||
| 490 | ||||||
| 491 | Thank s to Yuval Yarom and Naomi Ben ger for di scovering this | |||||
| 492 | flaw and to Yuv al Yarom f or supplyi ng a fix ( CVE-2014-0 076) | |||||
| 493 | [Yuva l Yarom an d Naomi Be nger] | |||||
| 494 | ||||||
| 495 | *) TLS p ad extensi on: draft- agl-tls-pa dding-03 | |||||
| 496 | ||||||
| 497 | Worka round for the "TLS h ang bug" ( see FAQ an d PR#2771) : if the | |||||
| 498 | TLS c lient Hell o record l ength valu e would ot herwise be > 255 and | |||||
| 499 | less that 512 p ad with a dummy exte nsion cont aining zer oes so it | |||||
| 500 | is at least 512 bytes lon g. | |||||
| 501 | ||||||
| 502 | [Adam Langley, Steve Hens on] | |||||
| 503 | ||||||
| 504 | Changes b etween 1.0 .1e and 1. 0.1f [6 Ja n 2014] | |||||
| 505 | ||||||
| 506 | *) Fix f or TLS rec ord tamper ing bug. A carefully crafted i nvalid | |||||
| 507 | hands hake could crash Ope nSSL with a NULL poi nter excep tion. | |||||
| 508 | Thank s to Anton Johansson for repor ting this issues. | |||||
| 509 | (CVE- 2013-4353) | |||||
| 510 | ||||||
| 511 | *) Keep original D TLS digest and encry ption cont exts in re transmissi on | |||||
| 512 | struc tures so w e can use the previo us session parameter s if they need | |||||
| 513 | to be resent. ( CVE-2013-6 450) | |||||
| 514 | [Stev e Henson] | |||||
| 515 | ||||||
| 516 | *) Add o ption SSL_ OP_SAFARI_ ECDHE_ECDS A_BUG (par t of SSL_O P_ALL) whi ch | |||||
| 517 | avoid s preferri ng ECDHE-E CDSA ciphe rs when th e client a ppears to be | |||||
     Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
     several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug
     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
     [Rob Stradling, Adam Langley]

 Changes between 1.0.1d and 1.0.1e [11 Feb 2013]

  *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
     supporting platforms or when small records were transferred.
     [Andy Polyakov, Steve Henson]

 Changes between 1.0.1c and 1.0.1d [5 Feb 2013]

  *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.

     This addresses the flaw in CBC record processing discovered by
     Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
     at: http://www.isg.rhul.ac.uk/tls/

     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
     Security Group at Royal Holloway, University of London
     (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
     Emilia Käsper for the initial patch.
     (CVE-2013-0169)
     [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]

  *) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
     ciphersuites which can be exploited in a denial of service attack.
     Thanks go to Adam Langley <agl@chromium.org> for discovering
     and detecting this bug and to Wolfgang Ettlinger
     <wolfgang.ettlinger@gmail.com> for independently discovering this issue.
     (CVE-2012-2686)
     [Adam Langley]

  *) Return an error when checking OCSP signatures when key is NULL.
     This fixes a DoS attack. (CVE-2013-0166)
     [Steve Henson]

  *) Make openssl verify return errors.
     [Chris Palmer <palmer@google.com> and Ben Laurie]

  *) Call OCSP Stapling callback after ciphersuite has been chosen, so
     the right response is stapled. Also change SSL_get_certificate()
     so it returns the certificate actually sent.
     See http://rt.openssl.org/Ticket/Display.html?id=2836.
     [Rob Stradling <rob.stradling@comodo.com>]

  *) Fix possible deadlock when decoding public keys.
     [Steve Henson]

  *) Don't use TLS 1.0 record version number in initial client hello
     if renegotiating.
     [Steve Henson]

 Changes between 1.0.1b and 1.0.1c [10 May 2012]

  *) Sanity check record length before skipping explicit IV in TLS
     1.2, 1.1 and DTLS to fix DoS attack.

     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
     fuzzing as a service testing platform.
     (CVE-2012-2333)
     [Steve Henson]

  *) Initialise tkeylen properly when encrypting CMS messages.
     Thanks to Solar Designer of Openwall for reporting this issue.
     [Steve Henson]

  *) In FIPS mode don't try to use composite ciphers as they are not
     approved.
     [Steve Henson]

 Changes between 1.0.1a and 1.0.1b [26 Apr 2012]

  *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
     1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
     mean any application compiled against OpenSSL 1.0.0 headers setting
     SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disabling
     TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
     0x10000000L. Any application which was previously compiled against
     OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
     will need to be recompiled as a result. Letting it be would result in
     an inability to specifically disable TLS 1.1 and, in client context,
     in the unlikely event, limit the maximum offered version to TLS 1.0
     [see below].
     [Steve Henson]

  *) In order to ensure interoperability SSL_OP_NO_protocolX does not
     disable just protocol X, but all protocols above X *if* there are
     protocols *below* X still enabled. In more practical terms it means
     that if an application wants to disable TLS1.0 in favor of TLS1.1 and
     above, it's not sufficient to pass SSL_OP_NO_TLSv1, one has to pass
     SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. This applies to
     the client side.
     [Andy Polyakov]

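The two 1.0.1b entries above are easy to get wrong in application code, so here is an added model of the client-side rule they describe (illustration code, not OpenSSL's own): it computes the highest version a client would offer for a given set of SSL_OP_NO_* bits, and checks whether SSL_OP_ALL from 1.0.0 headers collides with the old or the new SSL_OP_NO_TLSv1_1 value. SSL_OP_ALL and both SSL_OP_NO_TLSv1_1 values are the ones quoted in the entries; the SSL_OP_NO_SSLv2/SSLv3/TLSv1 bit values are assumed from the OpenSSL 1.0.1 ssl.h header.

```c
#include <stdio.h>

/*
 * Illustration only, not OpenSSL code. SSL_OP_ALL and the two
 * SSL_OP_NO_TLSv1_1 values come from the CHANGES entries; the other three
 * SSL_OP_NO_* values are assumed from the OpenSSL 1.0.1 ssl.h header.
 */
#define SSL_OP_ALL             0x80000FFFL
#define SSL_OP_NO_SSLv2        0x01000000L
#define SSL_OP_NO_SSLv3        0x02000000L
#define SSL_OP_NO_TLSv1        0x04000000L
#define SSL_OP_NO_TLSv1_1      0x10000000L  /* value since 1.0.1b      */
#define SSL_OP_NO_TLSv1_1_OLD  0x00000400L  /* 1.0.1 and 1.0.1a value  */

enum proto { SSLv2 = 0, SSLv3, TLSv1, TLSv1_1, PROTO_COUNT, PROTO_NONE = -1 };

static const char *proto_name[PROTO_COUNT] = { "SSLv2", "SSLv3", "TLSv1", "TLSv1.1" };

/* The SSL_OP_NO_* bit that disables each protocol, lowest version first. */
static const long proto_no_bit[PROTO_COUNT] = {
    SSL_OP_NO_SSLv2, SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1
};

/*
 * Highest version a client offers under these options. A client hello
 * carries a single maximum version, so the offer is the top of the
 * contiguous run of enabled protocols that starts at the lowest enabled
 * one: the first disabled protocol sitting above an enabled one caps the
 * offer. That is why SSL_OP_NO_protocolX removes X and everything above
 * it whenever something below X is still enabled.
 * Returns PROTO_NONE if every protocol is disabled.
 */
enum proto client_max_version(long options)
{
    enum proto max = PROTO_NONE;
    int v;

    for (v = 0; v < PROTO_COUNT; v++) {
        if (options & proto_no_bit[v]) {
            if (max != PROTO_NONE)
                break;      /* gap above an enabled protocol: stop here */
            continue;       /* nothing enabled yet: keep looking upward */
        }
        max = (enum proto)v;
    }
    return max;
}

/* 1 if the client would offer protocol p under these options, else 0. */
int client_offers(long options, enum proto p)
{
    return p != PROTO_NONE && p <= client_max_version(options)
           && !(options & proto_no_bit[p]);
}

/*
 * Does setting SSL_OP_ALL (as code built against 1.0.0 headers does)
 * also set the given SSL_OP_NO_TLSv1_1 bit? 0x400 lies inside
 * SSL_OP_ALL's low 0xFFF bits, 0x10000000 does not.
 */
int opt_all_disables_tls1_1(long no_tls1_1_bit)
{
    return (SSL_OP_ALL & no_tls1_1_bit) != 0;
}

int main(void)
{
    const long cases[] = {
        0,
        SSL_OP_NO_TLSv1,                                   /* too little */
        SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2 /* what works */
    };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        enum proto m = client_max_version(cases[i]);
        printf("options 0x%08lx: max offered version %s\n", cases[i],
               m == PROTO_NONE ? "none" : proto_name[m]);
    }
    printf("SSL_OP_ALL trips SSL_OP_NO_TLSv1_1: old value %d, new value %d\n",
           opt_all_disables_tls1_1(SSL_OP_NO_TLSv1_1_OLD),
           opt_all_disables_tls1_1(SSL_OP_NO_TLSv1_1));
    return 0;
}
```

With SSL_OP_NO_TLSv1 alone the model offers at most SSLv3, so TLS 1.1 never gets negotiated even though its bit is clear; only the three-flag combination yields a TLS 1.1 offer.
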
 Changes between 1.0.1 and 1.0.1a [19 Apr 2012]

  *) Check for potentially exploitable overflows in asn1_d2i_read_bio
     BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
     in CRYPTO_realloc_clean.

     Thanks to Tavis Ormandy, Google Security Team, for discovering this
     issue and to Adam Langley <agl@chromium.org> for fixing it.
     (CVE-2012-2110)
     [Adam Langley (Google), Tavis Ormandy, Google Security Team]

  *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
     [Adam Langley]

  *) Workarounds for some broken servers that "hang" if a client hello
     record length exceeds 255 bytes.

     1. Do not use record version number > TLS 1.0 in initial client
        hello: some (but not all) hanging servers will now work.
     2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
        the number of ciphers sent in the client hello. This should be
        set to an even number, such as 50, for example by passing:
        -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
        Most broken servers should now work.
     3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
        TLS 1.2 client support entirely.
     [Steve Henson]

  *) Fix SEGV in Vector Permutation AES module observed in OpenSSH.
     [Andy Polyakov]

 Changes between 1.0.0h and 1.0.1 [14 Mar 2012]

  *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET
     STRING form instead of a DigestInfo.
     [Steve Henson]

  *) The format used for MDC2 RSA signatures is inconsistent between EVP
     and the RSA_sign/RSA_verify functions. This was made more apparent when
     OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular
     those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect
     the correct format in RSA_verify so both forms transparently work.
     [Steve Henson]

  *) Some servers which support TLS 1.0 can choke if we initially indicate
     support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA
     encrypted premaster secret. As a workaround use the maximum permitted
     client version in client hello, this should keep such servers happy
     and still work with previous versions of OpenSSL.
     [Steve Henson]

  *) Add support for TLS/DTLS heartbeats.
     [Robin Seggelmann <seggelmann@fh-muenster.de>]

  *) Add support for SCTP.
     [Robin Seggelmann <seggelmann@fh-muenster.de>]

  *) Improved PRNG seeding for VOS.
     [Paul Green <Paul.Green@stratus.com>]

  *) Extensive assembler packs updates, most notably:

     - x86[_64]:  AES-NI, PCLMULQDQ, RDRAND support;
     - x86[_64]:  SSSE3 support (SHA1, vector-permutation AES);
     - x86_64:    bit-sliced AES implementation;
     - ARM:       NEON support, contemporary platforms optimizations;
     - s390x:     z196 support;
     - *:         GHASH and GF(2^m) multiplication implementations;

     [Andy Polyakov]

  *) Make TLS-SRP code conformant with RFC 5054 API cleanup
     (removal of unnecessary code)
     [Peter Sylvester <peter.sylvester@edelweb.fr>]

  *) Add TLS key material exporter from RFC 5705.
     [Eric Rescorla]

  *) Add DTLS-SRTP negotiation from RFC 5764.
     [Eric Rescorla]

  *) Add Next Protocol Negotiation,
     http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
     disabled with a no-npn flag to config or Configure. Code donated
     by Google.
     [Adam Langley <agl@google.com> and Ben Laurie]

  *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224,
     NIST-P256, NIST-P521, with constant-time single point multiplication on
     typical inputs. Compiler support for the nonstandard type __uint128_t is
     required to use this (present in gcc 4.4 and later, for 64-bit builds).
     Code made available under Apache License version 2.0.

     Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command
     line to include this in your build of OpenSSL, and run "make depend" (or
     "make update"). This enables the following EC_METHODs:

         EC_GFp_nistp224_method()
         EC_GFp_nistp256_method()
         EC_GFp_nistp521_method()

     EC_GROUP_new_by_curve_name() will automatically use these (while
     EC_GROUP_new_curve_GFp() currently prefers the more flexible
     implementations).
     [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]

  *) Use type ossl_ssize_t instead of ssize_t which isn't available on
     all platforms. Move ssize_t definition from e_os.h to the public
     header file e_os2.h as it now appears in public header file cms.h
     [Steve Henson]

  *) New -sigopt option to the ca, req and x509 utilities. Additional
     signature parameters can be passed using this option and in
     particular PSS.
     [Steve Henson]

  *) Add RSA PSS signing function. This will generate and set the
     appropriate AlgorithmIdentifiers for PSS based on those in the
     corresponding EVP_MD_CTX structure. No application support yet.
     [Steve Henson]

  *) Support for companion algorithm specific ASN1 signing routines.
     New function ASN1_item_sign_ctx() signs a pre-initialised
     EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
     the appropriate parameters.
     [Steve Henson]

  *) Add new algorithm specific ASN1 verification initialisation function
     to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
     handling will be the same no matter what EVP_PKEY_METHOD is used.
     Add a PSS handler to support verification of PSS signatures: checked
     against a number of sample certificates.
     [Steve Henson]

  *) Add signature printing for PSS. Add PSS OIDs.
     [Steve Henson, Martin Kaiser <lists@kaiser.cx>]

  *) Add algorithm specific signature printing. An individual ASN1 method
     can now print out signatures instead of the standard hex dump.

     More complex signatures (e.g. PSS) can print out more meaningful
     information. Include DSA version that prints out the signature
     parameters r, s.
     [Steve Henson]

  *) Password based recipient info support for CMS library: implementing
     RFC3211.
     [Steve Henson]

  *) Split password based encryption into PBES2 and PBKDF2 functions. This
     neatly separates the code into cipher and PBE sections and is required
     for some algorithms that split PBES2 into separate pieces (such as
     password based CMS).
     [Steve Henson]

  *) Session-handling fixes:
     - Fix handling of connections that are resuming with a session ID,
       but also support Session Tickets.
     - Fix a bug that suppressed issuing of a new ticket if the client
       presented a ticket with an expired session.
     - Try to set the ticket lifetime hint to something reasonable.
     - Make tickets shorter by excluding irrelevant information.
     - On the client side, don't ignore renewed tickets.
     [Adam Langley, Bodo Moeller (Google)]

  *) Fix PSK session representation.
     [Bodo Moeller]

  *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.

     This work was sponsored by Intel.
     [Andy Polyakov]

  *) Add GCM support to TLS library. Some custom code is needed to split
     the IV between the fixed (from PRF) and explicit (from TLS record)
     portions. This adds all GCM ciphersuites supported by RFC5288 and
     RFC5289. Generalise some AES* cipherstrings to include GCM and
     add a special AESGCM string for GCM only.
     [Steve Henson]

  *) Expand range of ctrls for AES GCM. Permit setting invocation
     field on decrypt and retrieval of invocation field only on encrypt.
     [Steve Henson]

  *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
     As required by RFC5289 these ciphersuites cannot be used for
     versions of TLS earlier than 1.2.
     [Steve Henson]

  *) For FIPS capable OpenSSL interpret a NULL default public key method
     as unset and return the appropriate default but do *not* set the default.
     This means we can return the appropriate method in applications that
     switch between FIPS and non-FIPS modes.
     [Steve Henson]

  *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an
     ENGINE is used then we cannot handle that in the FIPS module so we
     keep original code iff non-FIPS operations are allowed.
     [Steve Henson]

  *) Add -attime option to openssl utilities.
     [Peter Eckersley <pde@eff.org>, Ben Laurie and Steve Henson]

  *) Redirect DSA and DH operations to FIPS module in FIPS mode.
     [Steve Henson]

  *) Redirect ECDSA and ECDH operations to FIPS module in FIPS mode. Also use
     FIPS EC methods unconditionally for now.
     [Steve Henson]

  *) New build option no-ec2m to disable characteristic 2 code.
     [Steve Henson]

  *) Backport libcrypto audit of return value checking from 1.1.0-dev; not
     all cases can be covered as some introduce binary incompatibilities.
     [Steve Henson]

  *) Redirect RSA operations to FIPS module including keygen,
     encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
     [Steve Henson]

  *) Add similar low level API blocking to ciphers.
     [Steve Henson]

  *) Low level digest APIs are not approved in FIPS mode: any attempt
     to use these will cause a fatal error. Applications that *really* want
     to use them can use the private_* version instead.
     [Steve Henson]

  *) Redirect cipher operations to FIPS module for FIPS builds.
     [Steve Henson]

  *) Redirect digest operations to FIPS module for FIPS builds.
     [Steve Henson]

  *) Update build system to add "fips" flag which will link in fipscanister.o
     for static and shared library builds embedding a signature if needed.
     [Steve Henson]

  *) Output TLS supported curves in preference order instead of numerical
     order. This is currently hardcoded for the highest order curves first.
     This should be configurable so applications can judge speed vs strength.
     [Steve Henson]

  *) Add TLS v1.2 server support for client authentication.
     [Steve Henson]

  *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
     and enable MD5.
     [Steve Henson]

  *) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
     FIPS module versions.
     [Steve Henson]

  *) Add TLS v1.2 client side support for client authentication. Keep cache
     of handshake records longer as we don't know the hash algorithm to use
     until after the certificate request message is received.
     [Steve Henson]

  *) Initial TLS v1.2 client support. Add a default signature algorithms
     extension including all the algorithms we support. Parse new signature
     format in client key exchange. Relax some ECC signing restrictions for
     TLS v1.2 as indicated in RFC5246.
     [Steve Henson]

  *) Add server support for TLS v1.2 signature algorithms extension. Switch
     to new signature format when needed using client digest preference.
     All server ciphersuites should now work correctly in TLS v1.2. No client
     support yet and no support for client certificates.
     [Steve Henson]

  *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
     to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
     ciphersuites. At present only RSA key exchange ciphersuites work with
     TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
     SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
     and version checking.
     [Steve Henson]

  *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
     with this defined it will not be affected by any changes to ssl internal
     structures. Add several utility functions to allow openssl application
     to work with OPENSSL_NO_SSL_INTERN defined.
     [Steve Henson]

  *) Add SRP support.
     [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]

  *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
     [Steve Henson]

  *) Permit abbreviated handshakes when renegotiating using the function
     SSL_renegotiate_abbreviated().
     [Robin Seggelmann <seggelmann@fh-muenster.de>]

  *) Add call to ENGINE_register_all_complete() to
     ENGINE_load_builtin_engines(), so some implementations get used
     automatically instead of needing explicit application support.
     [Steve Henson]

  *) Add support for TLS key exporter as described in RFC5705.
     [Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson]

  *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
     a few changes are required:

       Add SSL_OP_NO_TLSv1_1 flag.
       Add TLSv1_1 methods.
       Update version checking logic to handle version 1.1.
       Add explicit IV handling (ported from DTLS code).
       Add command line options to s_client/s_server.
     [Steve Henson]

 Changes between 1.0.0g and 1.0.0h [12 Mar 2012]

  *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
     in CMS and PKCS7 code. When RSA decryption fails use a random key for
     content decryption and always return the same error. Note: this attack
     needs on average 2^20 messages so it only affects automated senders. The
     old behaviour can be reenabled in the CMS code by setting the
     CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
     an MMA defence is not necessary.
     Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
     this issue. (CVE-2012-0884)
     [Steve Henson]

  *) Fix CVE-2011-4619: make sure we really are receiving a
     client hello before rejecting multiple SGC restarts. Thanks to
     Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
     [Steve Henson]

 Changes between 1.0.0f and 1.0.0g [18 Jan 2012]

  *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
     Thanks to Antonio Martin, Enterprise Secure Access Research and
     Development, Cisco Systems, Inc. for discovering this bug and
     preparing a fix. (CVE-2012-0050)
     [Antonio Martin]

 Changes between 1.0.0e and 1.0.0f [4 Jan 2012]

  *) Nadhem Alfardan and Kenny Paterson have discovered an extension
     of the Vaudenay padding oracle attack on CBC mode encryption
     which enables an efficient plaintext recovery attack against
     the OpenSSL implementation of DTLS. Their attack exploits timing
     differences arising during decryption processing. A research
     paper describing this attack can be found at:
                  http://www.isg.rhul.ac.uk/~kp/dtls.pdf
     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
     Security Group at Royal Holloway, University of London
     (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
     <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de>
     for preparing the fix. (CVE-2011-4108)
     [Robin Seggelmann, Michael Tuexen]

  *) Clear bytes used for block padding of SSL 3.0 records.
     (CVE-2011-4576)
     [Adam Langley (Google)]

  *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George
     Kadianakis <desnacked@gmail.com> for discovering this issue and
     Adam Langley for preparing the fix. (CVE-2011-4619)
     [Adam Langley (Google)]

  *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027)
     [Andrey Kulikov <amdeich@gmail.com>]

  *) Prevent malformed RFC3779 data triggering an assertion failure.
     Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
     and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577)
     [Rob Austein <sra@hactrn.net>]

  *) Improved PRNG seeding for VOS.
     [Paul Green <Paul.Green@stratus.com>]

  *) Fix ssl_ciph.c set-up race.
     [Adam Langley (Google)]

  *) Fix spurious failures in ecdsatest.c.
     [Emilia Käsper (Google)]

  *) Fix the BIO_f_buffer() implementation (which was mixing different
     interpretations of the '..._len' fields).
     [Adam Langley (Google)]

  *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
     BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
     threads won't reuse the same blinding coefficients.

     This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
     lock to call BN_BLINDING_invert_ex, and avoids one use of
     BN_BLINDING_update for each BN_BLINDING structure (previously,
     the last update always remained unused).
     [Emilia Käsper (Google)]

  *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
     [Bob Buckholz (Google)]

 Changes between 1.0.0d and 1.0.0e [6 Sep 2011]

  *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
     by initialising X509_STORE_CTX properly. (CVE-2011-3207)
     [Kaspar Brand <ossl@velox.ch>]

  *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
     for multi-threaded use of ECDH. (CVE-2011-3210)
     [Adam Langley (Google)]

  *) Fix x509_name_ex_d2i memory leak on bad inputs.
     [Bodo Moeller]

  *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
     signature public key algorithm by using OID xref utilities instead.
     Before this you could only use some ECC ciphersuites with SHA1 only.
     [Steve Henson]

  *) Add protection against ECDSA timing attacks as mentioned in the paper
     by Billy Bob Brumley and Nicola Tuveri, see:

       http://eprint.iacr.org/2011/232.pdf

     [Billy Bob Brumley and Nicola Tuveri]

 Changes between 1.0.0c and 1.0.0d [8 Feb 2011]

  *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
     [Neel Mehta, Adam Langley, Bodo Moeller (Google)]

  *) Fix bug in string printing code: if *any* escaping is enabled we must
     escape the escape character (backslash) or the resulting string is
     ambiguous.
     [Steve Henson]

 Changes between 1.0.0b and 1.0.0c [2 Dec 2010]

  *) Disable code workaround for ancient and obsolete Netscape browsers
     and servers: an attacker can use it in a ciphersuite downgrade attack.
     Thanks to Martin Rex for discovering this bug. CVE-2010-4180
     [Steve Henson]

  *) Fixed J-PAKE implementation error, originally discovered by
     Sebastien Martini, further info and confirmation from Stefan
     Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
     [Ben Laurie]

 Changes between 1.0.0a and 1.0.0b [16 Nov 2010]

  *) Fix extension code to avoid race conditions which can result in a buffer
     overrun vulnerability: resumed sessions must not be modified as they can
     be shared by multiple threads. CVE-2010-3864
     [Steve Henson]

  *) Fix WIN32 build system to correctly link an ENGINE directory into
     a DLL.
     [Steve Henson]

 Changes between 1.0.0 and 1.0.0a [01 Jun 2010]

  *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
     (CVE-2010-1633)
     [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]

 Changes between 0.9.8n and 1.0.0 [29 Mar 2010]

  *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
     context. The operation can be customised via the ctrl mechanism in
     case ENGINEs want to include additional functionality.
     [Steve Henson]

  *) Tolerate yet another broken PKCS#8 key format: private key value negative.
     [Steve Henson]

  *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
     output hashes compatible with older versions of OpenSSL.
     [Willy Weisz <weisz@vcpc.univie.ac.at>]

  *) Fix compression algorithm handling: if resuming a session use the
     compression algorithm of the resumed session instead of determining
     it from client hello again. Don't allow server to change algorithm.
     [Steve Henson]

  *) Add load_crls() function to apps tidying load_certs() too. Add option
     to verify utility to allow additional CRLs to be included.
     [Steve Henson]

  *) Update OCSP request code to permit adding custom headers to the request:
     some responders need this.
     [Steve Henson]

  *) The function EVP_PKEY_sign() returns <=0 on error: check return code
     correctly.
     [Julia Lawall <julia@diku.dk>]

  *) Update verify callback code in apps/s_cb.c and apps/verify.c, it
     needlessly dereferenced structures, used obsolete functions and
     didn't handle all updated verify codes correctly.
     [Steve Henson]

  *) Disable MD2 in the default configuration.
     [Steve Henson]

  *) In BIO_pop() and BIO_push() use the ctrl argument (which was NULL) to
     indicate the initial BIO being pushed or popped. This makes it possible
     to determine whether the BIO is the one explicitly called or as a result
     of the ctrl being passed down the chain. Fix BIO_pop() and SSL BIOs so
     it handles reference counts correctly and doesn't zero out the I/O bio
     when it is not being explicitly popped. WARNING: applications which
     included workarounds for the old buggy behaviour will need to be modified
     or they could free up already freed BIOs.
     [Steve Henson]

  *) Extend the uni2asc/asc2uni => OPENSSL_uni2asc/OPENSSL_asc2uni
     renaming to all platforms (within the 0.9.8 branch, this was
     done conditionally on Netware platforms to avoid a name clash).
     [Guenter <lists@gknw.net>]

  *) Add ECDHE and PSK support to DTLS.
     [Michael Tuexen <tuexen@fh-muenster.de>]

  *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't
     be used on C++.
     [Steve Henson]

  *) Add "missing" function EVP_MD_flags() (without this the only way to
     retrieve a digest's flags is by accessing the structure directly). Update
     EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest
     or cipher is registered as in the "from" argument. Print out all
     registered digests in the dgst usage message instead of manually
     attempting to work them out.
     [Steve Henson]

  *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
     this allows the use of compression and extensions. Change default cipher
     string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
     by default unless an application cipher string requests it.
     [Steve Henson]

  *) Alter match criteria in PKCS12_parse(). It used to try to use local
     key ids to find matching certificates and keys but some PKCS#12 files
| 1154 | don't follow th e (somewha t unwritte n) rules a nd this st rategy fai ls. | |||||
| 1155 | Now j ust gather all certi ficates to gether and the first private k ey | |||||
| 1156 | then look for t he first c ertificate that matc hes the ke y. | |||||
| 1157 | [Stev e Henson] | |||||
| 1158 | ||||||
| 1159 | *) Suppo rt use of registered digest an d cipher n ames for d gst and ci pher | |||||
| 1160 | comma nds instea d of havin g to add e ach one as a special case. So now | |||||
| 1161 | you c an do: | |||||
| 1162 | ||||||
| 1163 | op enssl sha2 56 foo | |||||
| 1164 | ||||||
| 1165 | as we ll as: | |||||
| 1166 | ||||||
| 1167 | op enssl dgst -sha256 f oo | |||||
| 1168 | ||||||
| 1169 | and t his works for ENGINE based alg orithms to o. | |||||
| 1170 | ||||||
| 1171 | [Stev e Henson] | |||||
| 1172 | ||||||
| 1173 | *) Updat e Gost ENG INE to sup port param eter files . | |||||
| 1174 | [Vict or B. Wagn er <vitus@ cryptocom. ru>] | |||||
| 1175 | ||||||
| 1176 | *) Suppo rt General izedTime i n ca utili ty. | |||||
| 1177 | [Oliv er Martin <oliver@vo latilevoid .net>, Ste ve Henson] | |||||
| 1178 | ||||||
| 1179 | *) Enhan ce the has h format u sed for ce rtificate directory links. The new | |||||
| 1180 | form uses the c anonical e ncoding (m eaning equ ivalent na mes will w ork | |||||
| 1181 | even if they ar en't ident ical) and uses SHA1 instead of MD5. This form | |||||
| 1182 | is in compatible with the older form at and as a result c _rehash sh ould | |||||
| 1183 | be us ed to rebu ild symbol ic links. | |||||
| 1184 | [Stev e Henson] | |||||
| 1185 | ||||||
| 1186 | *) Make PKCS#8 the default w rite forma t for priv ate keys, replacing the | |||||
| 1187 | tradi tional for mat. This form is st andardised , more sec ure and do esn't | |||||
| 1188 | inclu de an impl icit MD5 d ependency. | |||||
| 1189 | [Stev e Henson] | |||||
| 1190 | ||||||
| 1191 | *) Add a $gcc_devt eam_warn o ption to C onfigure. The idea i s that any code | |||||
| 1192 | commi tted to Op enSSL shou ld pass th is lot as a minimum. | |||||
| 1193 | [Stev e Henson] | |||||
| 1194 | ||||||
| 1195 | *) Add s ession tic ket overri de functio nality for use by EA P-FAST. | |||||
| 1196 | [Joun i Malinen <j@w1.fi>] | |||||
| 1197 | ||||||
| 1198 | *) Modif y HMAC fun ctions to return a v alue. Sinc e these ca n be imple mented | |||||
| 1199 | in an ENGINE er rors can o ccur. | |||||
| 1200 | [Stev e Henson] | |||||
| 1201 | ||||||
| 1202 | *) Type- checked OB J_bsearch_ ex. | |||||
| 1203 | [Ben Laurie] | |||||
| 1204 | ||||||
| 1205 | *) Type- checked OB J_bsearch. Also some constific ation nece ssitated | |||||
| 1206 | by ty pe-checkin g. Still to come: T XT_DB, bse arch(?), | |||||
| 1207 | OBJ_b search_ex, qsort, CR YPTO_EX_DA TA, ASN1_V ALUE, ASN1 _STRING, | |||||
| 1208 | CONF_ VALUE. | |||||
| 1209 | [Ben Laurie] | |||||
| 1210 | ||||||
| 1211 | *) New f unction OP ENSSL_gmti me_adj() t o add a sp ecific num ber of day s and | |||||
| 1212 | secon ds to a tm structure directly, instead o f going th rough OS | |||||
| 1213 | speci fic date r outines. T his avoids any issue s with OS routines s uch | |||||
| 1214 | as th e year 203 8 bug. New *_adj() f unctions f or ASN1 ti me structu res | |||||
| 1215 | and X 509_time_a dj_ex() to cover the extended range. The existing | |||||
| 1216 | X509_ time_adj() is still usable and will no l onger have any date issues. | |||||
| 1217 | [Stev e Henson] | |||||
| 1218 | ||||||
| 1219 | *) Delta CRL suppo rt. New us e deltas o ption whic h will att empt to lo cate | |||||
| 1220 | and s earch any appropriat e delta CR Ls availab le. | |||||
| 1221 | ||||||
| 1222 | This work was s ponsored b y Google. | |||||
| 1223 | [Stev e Henson] | |||||
| 1224 | ||||||
  *) Support for CRLs partitioned by reason code. Reorganise CRL processing
     code and add additional score elements. Validate alternate CRL paths
     as part of the CRL checking and indicate a new error "CRL path validation
     error" in this case. Applications wanting additional details can use
     the verify callback and check the new "parent" field. If this is not
     NULL CRL path validation is taking place. Existing applications won't
     see this because it requires extended CRL support which is off by
     default.

     This work was sponsored by Google.
     [Steve Henson]

  *) Support for freshest CRL extension.

     This work was sponsored by Google.
     [Steve Henson]

  *) Initial indirect CRL support. Currently only supported in the CRLs
     passed directly and not via lookup. Process certificate issuer
     CRL entry extension and lookup CRL entries by both issuer name
     and serial number. Check and process CRL issuer entry in IDP extension.

     This work was sponsored by Google.
     [Steve Henson]

  *) Add support for distinct certificate and CRL paths. The CRL issuer
     certificate is validated separately in this case. Only enabled if
     an extended CRL support flag is set: this flag will enable additional
     CRL functionality in future.

     This work was sponsored by Google.
     [Steve Henson]

  *) Add support for policy mappings extension.

     This work was sponsored by Google.
     [Steve Henson]

  *) Fixes to pathlength constraint, self issued certificate handling,
     policy processing to align with RFC3280 and PKITS tests.

     This work was sponsored by Google.
     [Steve Henson]

  *) Support for name constraints certificate extension. DN, email, DNS
     and URI types are currently supported.

     This work was sponsored by Google.
     [Steve Henson]

  *) To cater for systems that provide a pointer-based thread ID rather
     than numeric, deprecate the current numeric thread ID mechanism and
     replace it with a structure and associated callback type. This
     mechanism allows a numeric "hash" to be extracted from a thread ID in
     either case, and on platforms where pointers are larger than 'long',
     mixing is done to help ensure the numeric 'hash' is usable even if it
     can't be guaranteed unique. The default mechanism is to use "&errno"
     as a pointer-based thread ID to distinguish between threads.

     Applications that want to provide their own thread IDs should now use
     CRYPTO_THREADID_set_callback() to register a callback that will call
     either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer().

     Note that ERR_remove_state() is now deprecated, because it is tied
     to the assumption that thread IDs are numeric.  ERR_remove_state(0)
     to free the current thread's error state should be replaced by
     ERR_remove_thread_state(NULL).

     (This new approach replaces the functions CRYPTO_set_idptr_callback(),
     CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in
     OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an
     application was previously providing a numeric thread callback that
     was inappropriate for distinguishing threads, then uniqueness might
     have been obtained with &errno that happened immediately in the
     intermediate development versions of OpenSSL; this is no longer the
     case, the numeric thread callback will now override the automatic use
     of &errno.)
     [Geoff Thorpe, with help from Bodo Moeller]

  *) Initial support for different CRL issuing certificates. This covers a
     simple case where the self issued certificates in the chain exist and
     the real CRL issuer is higher in the existing chain.

     This work was sponsored by Google.
     [Steve Henson]

  *) Removed effectively defunct crypto/store from the build.
     [Ben Laurie]

  *) Revamp of STACK to provide stronger type-checking. Still to come:
     TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE,
     ASN1_STRING, CONF_VALUE.
     [Ben Laurie]

  *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
     RAM on SSL connections.  This option can save about 34k per idle SSL.
     [Nick Mathewson]

  *) Revamp of LHASH to provide stronger type-checking. Still to come:
     STACK, TXT_DB, bsearch, qsort.
     [Ben Laurie]

  *) Initial support for Cryptographic Message Syntax (aka CMS) based
     on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
     support for data, signedData, compressedData, digestedData and
     encryptedData, envelopedData types included. Scripts to check against
     RFC4134 examples draft and interop and consistency checks of many
     content types and variants.
     [Steve Henson]

  *) Add options to enc utility to support use of zlib compression BIO.
     [Steve Henson]

  *) Extend mk1mf to support importing of options and assembly language
     files from Configure script, currently only included in VC-WIN32.
     The assembly language rules can now optionally generate the source
     files from the associated perl scripts.
     [Steve Henson]

  *) Implement remaining functionality needed to support GOST ciphersuites.
     Interop testing has been performed using CryptoPro implementations.
     [Victor B. Wagner <vitus@cryptocom.ru>]

  *) s390x assembler pack.
     [Andy Polyakov]

  *) ARMv4 assembler pack. ARMv4 refers to v4 and later ISA, not CPU
     "family."
     [Andy Polyakov]

  *) Implement Opaque PRF Input TLS extension as specified in
     draft-rescorla-tls-opaque-prf-input-00.txt.  Since this is not an
     official specification yet and no extension type assignment by
     IANA exists, this extension (for now) will have to be explicitly
     enabled when building OpenSSL by providing the extension number
     to use.  For example, specify an option

        -DTLSEXT_TYPE_opaque_prf_input=0x9527

     to the "config" or "Configure" script to enable the extension,
     assuming extension number 0x9527 (which is a completely arbitrary
     and unofficial assignment based on the MD5 hash of the Internet
     Draft).  Note that by doing so, you potentially lose
     interoperability with other TLS implementations since these might
     be using the same extension number for other purposes.

     SSL_set_tlsext_opaque_prf_input(ssl, src, len) is used to set the
     opaque PRF input value to use in the handshake.  This will create
     an internal copy of the length-'len' string at 'src', and will
     return non-zero for success.

     To get more control and flexibility, provide a callback function
     by using

        SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb)
        SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg)

     where

        int (*cb)(SSL *, void *peerinput, size_t len, void *arg);
        void *arg;

     Callback function 'cb' will be called in handshakes, and is
     expected to use SSL_set_tlsext_opaque_prf_input() as appropriate.
     Argument 'arg' is for application purposes (the value as given to
     SSL_CTX_set_tlsext_opaque_prf_input_callback_arg() will directly
     be provided to the callback function).  The callback function
     has to return non-zero to report success: usually 1 to use opaque
     PRF input just if possible, or 2 to enforce use of the opaque PRF
     input.  In the latter case, the library will abort the handshake
     if opaque PRF input is not successfully negotiated.

     Arguments 'peerinput' and 'len' given to the callback function
     will always be NULL and 0 in the case of a client.  A server will
     see the client's opaque PRF input through these variables if
     available (NULL and 0 otherwise).  Note that if the server
     provides an opaque PRF input, the length must be the same as the
     length of the client's opaque PRF input.

     Note that the callback function will only be called when creating
     a new session (session resumption can resume whatever was
     previously negotiated), and will not be called in SSL 2.0
     handshakes; thus, SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) or
     SSL_set_options(ssl, SSL_OP_NO_SSLv2) is especially recommended
     for applications that need to enforce opaque PRF input.

     [Bodo Moeller]

  *) Update ssl code to support digests other than SHA1+MD5 for handshake
     MAC.

     [Victor B. Wagner <vitus@cryptocom.ru>]

  *) Add RFC4507 support to OpenSSL. This includes the corrections in
     RFC4507bis. The encrypted ticket format is an encrypted encoded
     SSL_SESSION structure, that way new session features are automatically
     supported.

     If a client application caches session in an SSL_SESSION structure
     support is transparent because tickets are now stored in the encoded
     SSL_SESSION.

     The SSL_CTX structure automatically generates keys for ticket
     protection in servers so again support should be possible
     with no application modification.

     If a client or server wishes to disable RFC4507 support then the option
     SSL_OP_NO_TICKET can be set.

     Add a TLS extension debugging callback to allow the contents of any client
     or server extensions to be examined.

     This work was sponsored by Google.
     [Steve Henson]

  *) Final changes to avoid use of pointer pointer casts in OpenSSL.
     OpenSSL should now compile cleanly on gcc 4.2
     [Peter Hartley <pdh@utter.chaos.org.uk>, Steve Henson]

  *) Update SSL library to use new EVP_PKEY MAC API. Include generic MAC
     support including streaming MAC support: this is required for GOST
     ciphersuite support.
     [Victor B. Wagner <vitus@cryptocom.ru>, Steve Henson]

  *) Add option -stream to use PKCS#7 streaming in smime utility. New
     function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream()
     to output in BER and PEM format.
     [Steve Henson]

  *) Experimental support for use of HMAC via EVP_PKEY interface. This
     allows HMAC to be handled via the EVP_DigestSign*() interface. The
     EVP_PKEY "key" in this case is the HMAC key, potentially allowing
     ENGINE support for HMAC keys which are unextractable. New -mac and
     -macopt options to dgst utility.
     [Steve Henson]

  *) New option -sigopt to dgst utility. Update dgst to use
     EVP_Digest{Sign,Verify}*. These two changes make it possible to use
     alternative signing parameters such as X9.31 or PSS in the dgst
     utility.
     [Steve Henson]

  *) Change ssl_cipher_apply_rule(), the internal function that does
     the work each time a ciphersuite string requests enabling
     ("foo+bar"), moving ("+foo+bar"), disabling ("-foo+bar", or
     removing ("!foo+bar") a class of ciphersuites: Now it maintains
     the order of disabled ciphersuites such that those ciphersuites
     that most recently went from enabled to disabled not only stay
     in order with respect to each other, but also have higher priority
     than other disabled ciphersuites the next time ciphersuites are
     enabled again.

     This means that you can now say, e.g., "PSK:-PSK:HIGH" to enable
     the same ciphersuites as with "HIGH" alone, but in a specific
     order where the PSK ciphersuites come first (since they are the
     most recently disabled ciphersuites when "HIGH" is parsed).

     Also, change ssl_create_cipher_list() (using this new
     functionality) such that between otherwise identical
     ciphersuites, ephemeral ECDH is preferred over ephemeral DH in
     the default order.
     [Bodo Moeller]
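
     The rule ordering described in this entry, as an added example that is
     not OpenSSL code: a small Python model of the four rule kinds (enable,
     move, disable, remove) run over a constructed cipher table. The table,
     its alias sets and the helper names are assumptions made for
     illustration; the list manipulation follows the behaviour the entry
     describes, and shows why "PSK:-PSK:HIGH" yields the "HIGH" set with the
     PSK suites first.

```python
# Added example, not OpenSSL code: a model of the rule-ordering behaviour
# described in the entry above.  The cipher table and its alias sets are
# constructed for illustration and are not OpenSSL's real tables.


class Entry:
    """One ciphersuite in the working list, with its 'active' flag."""

    def __init__(self, name, aliases):
        self.name = name
        self.aliases = aliases
        self.active = False


# Constructed sample table, in the order the library is assumed to hold it.
CIPHERS = [
    ("ECDHE-RSA-AES256-SHA", {"ALL", "HIGH", "AES256", "kEECDH", "aRSA"}),
    ("DHE-RSA-AES256-SHA",   {"ALL", "HIGH", "AES256", "EDH", "aRSA"}),
    ("AES256-SHA",           {"ALL", "HIGH", "AES256", "kRSA", "aRSA"}),
    ("AES128-SHA",           {"ALL", "HIGH", "AES128", "kRSA", "aRSA"}),
    ("PSK-AES256-CBC-SHA",   {"ALL", "HIGH", "AES256", "PSK"}),
    ("PSK-AES128-CBC-SHA",   {"ALL", "HIGH", "AES128", "PSK"}),
    ("RC4-SHA",              {"ALL", "MEDIUM", "RC4", "kRSA", "aRSA"}),
    ("NULL-SHA",             {"eNULL", "kRSA", "aRSA"}),  # "ALL" excludes eNULL
]

OPS = {"+": "move", "-": "del", "!": "kill"}


def parse_rule(token):
    """'foo+bar' -> ('add', {'foo', 'bar'}); a leading +, - or ! picks the op."""
    op = OPS.get(token[0], "add")
    if op != "add":
        token = token[1:]
    return op, set(token.split("+"))


def apply_rule(entries, op, aliases):
    """Apply one rule to the working list and return the new list.

    add  : matching inactive entries move to the tail and become active
    move : matching active entries move to the tail
    del  : matching active entries move to the head and become inactive;
           the list is walked tail-to-head, so they keep their relative
           order and land ahead of everything disabled earlier
    kill : matching entries are removed for good
    """
    if op == "kill":
        return [e for e in entries if not aliases <= e.aliases]
    out = list(entries)
    walk = reversed(entries) if op == "del" else entries
    for e in walk:
        if not aliases <= e.aliases:        # "foo+bar" needs every alias
            continue
        if op == "add" and not e.active:
            out.remove(e)
            out.append(e)
            e.active = True
        elif op == "move" and e.active:
            out.remove(e)
            out.append(e)
        elif op == "del" and e.active:
            out.remove(e)
            out.insert(0, e)
            e.active = False
    return out


def cipher_list(rule_string):
    """Return the enabled ciphersuites, highest priority first."""
    entries = [Entry(name, aliases) for name, aliases in CIPHERS]
    for token in rule_string.split(":"):
        if token:
            entries = apply_rule(entries, *parse_rule(token))
    return [e.name for e in entries if e.active]


if __name__ == "__main__":
    for s in ("HIGH", "PSK:-PSK:HIGH", "HIGH:+AES128", "HIGH:!PSK:PSK"):
        print(f"{s:15} -> {', '.join(cipher_list(s))}")
```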

  *) Change ssl_create_cipher_list() so that it automatically
     arranges the ciphersuites in reasonable order before starting
     to process the rule string.  Thus, the definition for "DEFAULT"
     (SSL_DEFAULT_CIPHER_LIST) now is just "ALL:!aNULL:!eNULL", but
     remains equivalent to "AES:ALL:!aNULL:!eNULL:+aECDH:+kRSA:+RC4:@STRENGTH".
     This makes it much easier to arrive at a reasonable default order
     in applications for which anonymous ciphers are OK (meaning
     that you can't actually use DEFAULT).
     [Bodo Moeller; suggested by Victor Duchovni]

  *) Split the SSL/TLS algorithm mask (as used for ciphersuite string
     processing) into multiple integers instead of setting
     "SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK",
     "SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer.
     (These masks as well as the individual bit definitions are hidden
     away into the non-exported interface ssl/ssl_locl.h, so this
     change to the definition of the SSL_CIPHER structure shouldn't
     affect applications.)  This gives us more bits for each of these
     categories, so there is no longer a need to coagulate AES128 and
     AES256 into a single algorithm bit, and to coagulate Camellia128
     and Camellia256 into a single algorithm bit, which has led to all
     kinds of kludges.

     Thus, among other things, the kludge introduced in 0.9.7m and
     0.9.8e for masking out AES256 independently of AES128 or masking
     out Camellia256 independently of AES256 is not needed here in 0.9.9.

     With the change, we also introduce new ciphersuite aliases that
     so far were missing: "AES128", "AES256", "CAMELLIA128", and
     "CAMELLIA256".
     [Bodo Moeller]

  *) Add support for dsa-with-SHA224 and dsa-with-SHA256.
     Use the leftmost N bytes of the signature input if the input is
     larger than the prime q (with N being the size in bytes of q).
     [Nils Larsch]

  *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses
     it yet and it is largely untested.
     [Steve Henson]

  *) Add support for the ecdsa-with-SHA224/256/384/512 signature types.
     [Nils Larsch]

  *) Initial incomplete changes to avoid need for function casts in OpenSSL
     some compilers (gcc 4.2 and later) reject their use. Safestack is
     reimplemented.  Update ASN1 to avoid use of legacy functions.
     [Steve Henson]

  *) Win32/64 targets are linked with Winsock2.
     [Andy Polyakov]

  *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
     to external functions. This can be used to increase CRL handling
     efficiency especially when CRLs are very large by (for example) storing
     the CRL revoked certificates in a database.
     [Steve Henson]

  *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
     new CRLs added to a directory can be used. New command line option
     -verify_return_error to s_client and s_server. This causes real errors
     to be returned by the verify callback instead of carrying on no matter
     what. This reflects the way a "real world" verify callback would behave.
     [Steve Henson]

  *) GOST engine, supporting several GOST algorithms and public key formats.
     Kindly donated by Cryptocom.
     [Cryptocom]

  *) Partial support for Issuing Distribution Point CRL extension. CRLs
     partitioned by DP are handled but no indirect CRL or reason partitioning
     (yet). Complete overhaul of CRL handling: now the most suitable CRL is
     selected via a scoring technique which handles IDP and AKID in CRLs.
     [Steve Henson]

  *) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
     will ultimately be used for all verify operations: this will remove the
     X509_STORE dependency on certificate verification and allow alternative
     lookup methods.  X509_STORE based implementations of these two callbacks.
     [Steve Henson]

  *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
     Modify get_crl() to find a valid (unexpired) CRL if possible.
     [Steve Henson]

  *) New function X509_CRL_match() to check if two CRLs are identical. Normally
     this would be called X509_CRL_cmp() but that name is already used by
     a function that just compares CRL issuer names. Cache several CRL
     extensions in X509_CRL structure and cache CRLDP in X509.
     [Steve Henson]

  *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
     this maps equivalent X509_NAME structures into a consistent structure.
     Name comparison can then be performed rapidly using memcmp().
     [Steve Henson]

  *) Non-blocking OCSP request processing. Add -timeout option to ocsp
     utility.
     [Steve Henson]

  *) Allow digests to supply their own micalg string for S/MIME type using
     the ctrl EVP_MD_CTRL_MICALG.
     [Steve Henson]

  *) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
     EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
     ctrl. It can then customise the structure before and/or after signing
     if necessary.
     [Steve Henson]

  *) New function OBJ_add_sigid() to allow application defined signature OIDs
     to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
     to free up any added signature OIDs.
     [Steve Henson]

  *) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
     EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
     digest and cipher tables. New options added to openssl utility:
     list-message-digest-algorithms and list-cipher-algorithms.
     [Steve Henson]

  *) Change the array representation of binary polynomials: the list
     of degrees of non-zero coefficients is now terminated with -1.
     Previously it was terminated with 0, which was also part of the
     value; thus, the array representation was not applicable to
     polynomials where t^0 has coefficient zero.  This change makes
     the array representation useful in a more general context.
     [Douglas Stebila]
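
     The two degree-array forms described in this entry, as an added example
     that is not OpenSSL code: a Python reader and writer for both terminators
     (the function names are this example's own), showing the kind of
     polynomial the old 0-terminated form cannot express and the different
     polynomial its closest old-form array actually denotes.

```python
# Added example, not OpenSSL code: the two degree-array representations of
# a binary polynomial described above.  A polynomial over GF(2) is modelled
# as a Python int whose bit i is the coefficient of t^i.

# Degree list of the sect163r2 reduction polynomial t^163 + t^7 + t^6 + t^3 + 1
# in the new -1-terminated form.
SECT163_DEGREES = [163, 7, 6, 3, 0, -1]


def degrees_to_poly(arr, terminator=-1):
    """Read a degree array in either form.

    New form (terminator=-1): the -1 only ends the list.
    Old form (terminator=0): the trailing 0 ends the list *and* sets the
    t^0 coefficient, which is why the old form cannot describe a
    polynomial with a zero constant term.
    """
    poly = 0
    for d in arr:
        if d == terminator:
            if terminator == 0:
                poly |= 1
            return poly
        if d < 0:
            raise ValueError(f"bad degree {d}")
        poly |= 1 << d
    raise ValueError("unterminated degree array")


def poly_to_degrees_new(poly):
    """Degrees of the non-zero coefficients, highest first, then -1."""
    degs = [d for d in range(poly.bit_length() - 1, -1, -1) if poly >> d & 1]
    return degs + [-1]


def old_form_representable(poly):
    """True only if t^0 is set: the old 0 terminator doubles as that term."""
    return bool(poly & 1)


def poly_to_degrees_old(poly):
    """Old form, or ValueError for a polynomial the old form cannot express."""
    if not old_form_representable(poly):
        raise ValueError("old representation needs a non-zero t^0 coefficient")
    degs = [d for d in range(poly.bit_length() - 1, 0, -1) if poly >> d & 1]
    return degs + [0]


def poly_str(poly):
    """Human-readable form, e.g. 't^3 + t + 1'."""
    terms = []
    for d in range(poly.bit_length() - 1, -1, -1):
        if poly >> d & 1:
            terms.append({0: "1", 1: "t"}.get(d, f"t^{d}"))
    return " + ".join(terms) or "0"


if __name__ == "__main__":
    p = degrees_to_poly(SECT163_DEGREES)
    print(poly_str(p), "->", poly_to_degrees_new(p), "/", poly_to_degrees_old(p))
    q = 0b1010                              # t^3 + t: no constant term
    print(poly_str(q), "->", poly_to_degrees_new(q),
          "old form representable:", old_form_representable(q))
    # The closest old-form array, [3, 1, 0], actually denotes t^3 + t + 1.
    print(poly_str(degrees_to_poly([3, 1, 0], terminator=0)))
```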
| 1616 | ||||||
| 1617 | *) Vario us modific ations and fixes to SSL/TLS ci pher strin g | |||||
| 1618 | handl ing. For ECC, the c ode now di stinguishe s between fixed ECDH | |||||
| 1619 | with RSA certif icates on the one ha nd and wit h ECDSA ce rtificates | |||||
| 1620 | on th e other ha nd, since these are separate c iphersuite s. The | |||||
| 1621 | unuse d code for Fortezza ciphersuit es has bee n removed. | |||||
| 1622 | ||||||
| 1623 | For c onsistency with EDH, ephemeral ECDH is n ow called "EECDH" | |||||
| 1624 | (not "ECDHE"). For consi stency wit h the code for DH | |||||
| 1625 | certi ficates, u se of ECDH certifica tes is now considere d ECDH | |||||
| 1626 | authe ntication, not RSA o r ECDSA au thenticati on (the la tter is | |||||
| 1627 | merel y the CA's signing a lgorithm a nd not act ively used in the | |||||
| 1628 | proto col). | |||||
| 1629 | ||||||
| 1630 | The t emporary c iphersuite alias "EC Cdraft" is no longer | |||||
| 1631 | avail able, and ECC cipher suites are no longer excluded from "ALL" | |||||
| 1632 | and " DEFAULT". The follo wing alias es now exi st for RFC 4492 | |||||
| 1633 | ciphe rsuites, m ost of the se by anal ogy with t he DH case : | |||||
| 1634 | ||||||
| 1635 | k ECDHr - ECDH cert, signed wi th RSA | |||||
| 1636 | k ECDHe - ECDH cert, signed wi th ECDSA | |||||
| 1637 | k ECDH - ECDH cert (signed wi th either RSA or ECD SA) | |||||
| 1638 | k EECDH - ephemeral ECDH | |||||
| 1639 | E CDH - ECDH cert or ephemer al ECDH | |||||
| 1640 | ||||||
| 1641 | a ECDH - ECDH cert | |||||
| 1642 | a ECDSA - ECDSA cert | |||||
| 1643 | E CDSA - ECDSA cert | |||||
| 1644 | ||||||
| 1645 | A ECDH - anonymous ECDH | |||||
| 1646 | E ECDH - non-anonym ous epheme ral ECDH ( equivalent to "kEECD H:-AECDH") | |||||
| 1647 | ||||||
| 1648 | [Bodo Moeller] | |||||
| 1649 | ||||||
  *) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
     Use correct micalg parameters depending on digest(s) in signed message.
     [Steve Henson]

  *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
     an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
     [Steve Henson]

  *) Initial engine support for EVP_PKEY_METHOD. New functions to permit
     an engine to register a method. Add ENGINE lookups for methods and
     functional reference processing.
     [Steve Henson]

  *) New functions EVP_Digest{Sign,Verify}*. These are enhanced versions of
     EVP_{Sign,Verify}* which allow an application to customise the signature
     process.
     [Steve Henson]

  *) New -resign option to smime utility. This adds one or more signers
     to an existing PKCS#7 signedData structure. Also -md option to use an
     alternative message digest algorithm for signing.
     [Steve Henson]

  *) Tidy up PKCS#7 routines and add new functions to make it easier to
     create PKCS7 structures containing multiple signers. Update smime
     application to support multiple signers.
     [Steve Henson]

  *) New -macalg option to pkcs12 utility to allow setting of an alternative
     digest MAC.
     [Steve Henson]

  *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
     Reorganize PBE internals to lookup from a static table using NIDs,
     add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
     EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
     PRF which will be automatically used with PBES2.
     [Steve Henson]

  *) Replace the algorithm specific calls to generate keys in "req" with the
     new API.
     [Steve Henson]

  *) Update PKCS#7 enveloped data routines to use new API. This is now
     supported by any public key method supporting the encrypt operation. A
     ctrl is added to allow the public key algorithm to examine or modify
     the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
     a no op.
     [Steve Henson]

  *) Add a ctrl to asn1 method to allow a public key algorithm to express
     a default digest type to use. In most cases this will be SHA1 but some
     algorithms (such as GOST) need to specify an alternative digest. The
     return value indicates how strong the preference is: 1 means optional and
     2 is mandatory (that is it is the only supported type). Modify
     ASN1_item_sign() to accept a NULL digest argument to indicate it should
     use the default md. Update openssl utilities to use the default digest
     type for signing if it is not explicitly indicated.
     [Steve Henson]

  *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New
     EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
     signing method from the key type. This effectively removes the link
     between digests and public key types.
     [Steve Henson]

  *) Add an OID cross reference table and utility functions. Its purpose is to
     translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
     rsaEncryption. This will allow some of the algorithm specific hackery
     needed to use the correct OID to be removed.
     [Steve Henson]

  *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
     structures for PKCS7_sign(). They are now set up by the relevant public
     key ASN1 method.
     [Steve Henson]

  *) Add provisional EC pkey method with support for ECDSA and ECDH.
     [Steve Henson]

  *) Add support for key derivation (agreement) in the API, DH method and
     pkeyutl.
     [Steve Henson]

  *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
     public and private key formats. As a side effect these add additional
     command line functionality not previously available: DSA signatures can be
     generated and verified using pkeyutl and DH key support and generation in
     pkey, genpkey.
     [Steve Henson]

  *) BeOS support.
     [Oliver Tappe <zooey@hirschkaefer.de>]

  *) New make target "install_html_docs" installs HTML renditions of the
     manual pages.
     [Oliver Tappe <zooey@hirschkaefer.de>]

  *) New utility "genpkey" this is analogous to "genrsa" etc except it can
     generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
     support key and parameter generation and add initial key generation
     functionality for RSA.
     [Steve Henson]

  *) Add functions for main EVP_PKEY_method operations. The undocumented
     functions EVP_PKEY_{encrypt,decrypt} have been renamed to
     EVP_PKEY_{encrypt,decrypt}_old.
     [Steve Henson]

  *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
     key API, doesn't do much yet.
     [Steve Henson]

  *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
     public key algorithms. New option to openssl utility:
     "list-public-key-algorithms" to print out info.
     [Steve Henson]

  *) Implement the Supported Elliptic Curves Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
     EVP_CIPHER structures to avoid later problems in EVP_cleanup().
     [Steve Henson]

  *) New utilities pkey and pkeyparam. These are similar to algorithm specific
     utilities such as rsa, dsa, dsaparam etc except they process any key
     type.
     [Steve Henson]

  *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
     functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
     EVP_PKEY_print_param() to print public key data from an EVP_PKEY
     structure.
     [Steve Henson]

  *) Initial support for pluggable public key ASN1.
     De-spaghettify the public key ASN1 handling. Move public and private
     key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
     algorithm specific handling to a single module within the relevant
     algorithm directory. Add functions to allow (near) opaque processing
     of public and private key structures.
     [Steve Henson]

  *) Implement the Supported Point Formats Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
     for the psk identity [hint] and the psk callback functions to the
     SSL_SESSION, SSL and SSL_CTX structure.

     New ciphersuites:
         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
         PSK-AES256-CBC-SHA

     New functions:
         SSL_CTX_use_psk_identity_hint
         SSL_get_psk_identity_hint
         SSL_get_psk_identity
         SSL_use_psk_identity_hint

     [Mika Kousa and Pasi Eronen of Nokia Corporation]

  *) Add RFC 3161 compliant time stamp request creation, response generation
     and response verification functionality.
     [Zoltán Glózik <zglozik@opentsa.org>, The OpenTSA Project]

  *) Add initial support for TLS extensions, specifically for the server_name
     extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
     have new members for a host name. The SSL data structure has an
     additional member SSL_CTX *initial_ctx so that new sessions can be
     stored in that context to allow for session resumption, even after the
     SSL has been switched to a new SSL_CTX in reaction to a client's
     server_name extension.

     New functions (subject to change):

         SSL_get_servername()
         SSL_get_servername_type()
         SSL_set_SSL_CTX()

     New CTRL codes and macros (subject to change):

         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
                             - SSL_CTX_set_tlsext_servername_callback()
         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
                             - SSL_CTX_set_tlsext_servername_arg()
         SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()

     openssl s_client has a new '-servername ...' option.

     openssl s_server has new options '-servername_host ...', '-cert2 ...',
     '-key2 ...', '-servername_fatal' (subject to change). This allows
     testing the HostName extension for a specific single host name ('-cert'
     and '-key' remain fallbacks for handshakes without HostName
     negotiation). If the unrecognized_name alert has to be sent, this by
     default is a warning; it becomes fatal with the '-servername_fatal'
     option.

     [Peter Sylvester, Remy Allais, Christophe Renou]

  *) Whirlpool hash implementation is added.
     [Andy Polyakov]

  *) BIGNUM code on 64-bit SPARCv9 targets is switched from bn(64,64) to
     bn(64,32). Because of instruction set limitations it doesn't have
     any negative impact on performance. This was done mostly in order
     to make it possible to share assembler modules, such as bn_mul_mont
     implementations, between 32- and 64-bit builds without hassle.
     [Andy Polyakov]

  *) Move code previously exiled into file crypto/ec/ec2_smpt.c
     to ec2_smpl.c, and no longer require the OPENSSL_EC_BIN_PT_COMP
     macro.
     [Bodo Moeller]

  *) New candidate for BIGNUM assembler implementation, bn_mul_mont,
     dedicated Montgomery multiplication procedure, is introduced.
     BN_MONT_CTX is modified to allow bn_mul_mont to reach for higher
     "64-bit" performance on certain 32-bit targets.
     [Andy Polyakov]

  *) New option SSL_OP_NO_COMP to disable use of compression selectively
     in SSL structures. New SSL ctrl to set maximum send fragment size.
     Save memory by setting the I/O buffer sizes dynamically instead of
     using the maximum available value.
     [Steve Henson]

  *) New option -V for 'openssl ciphers'. This prints the ciphersuite code
     in addition to the text details.
     [Bodo Moeller]

  *) Very, very preliminary EXPERIMENTAL support for printing of general
     ASN1 structures. This currently produces rather ugly output and doesn't
     handle several customised structures at all.
     [Steve Henson]

  *) Integrated support for PVK file format and some related formats such
     as MS PUBLICKEYBLOB and PRIVATEKEYBLOB. Command line switches to support
     these in the 'rsa' and 'dsa' utilities.
     [Steve Henson]

  *) Support for PKCS#1 RSAPublicKey format on rsa utility command line.
     [Steve Henson]

  *) Remove the ancient ASN1_METHOD code. This was only ever used in one
     place for the (very old) "NETSCAPE" format certificates which are now
     handled using new ASN1 code equivalents.
     [Steve Henson]

  *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
     pointer and make the SSL_METHOD parameter in SSL_CTX_new,
     SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.
     [Nils Larsch]

  *) Modify CRL distribution points extension code to print out previously
     unsupported fields. Enhance extension setting code to allow setting of
     all fields.
     [Steve Henson]

  *) Add print and set support for Issuing Distribution Point CRL extension.
     [Steve Henson]

  *) Change 'Configure' script to enable Camellia by default.
     [NTT]

 Changes between 0.9.8m and 0.9.8n [24 Mar 2010]

  *) When rejecting SSL/TLS records due to an incorrect version number, never
     update s->server with a new major version number. As of
     - OpenSSL 0.9.8m if 'short' is a 16-bit type,
     - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
     the previous behavior could result in a read attempt at NULL when
     receiving specific incorrect SSL/TLS records once record payload
     protection is active. (CVE-2010-0740)
     [Bodo Moeller, Adam Langley <agl@chromium.org>]

  *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
     could be crashed if the relevant tables were not present (e.g. chrooted).
     [Tomas Hoger <thoger@redhat.com>]

 Changes between 0.9.8l and 0.9.8m [25 Feb 2010]

  *) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
     [Martin Olsson, Neel Mehta]

  *) Fix X509_STORE locking: Every 'objs' access requires a lock (to
     accommodate for stack sorting, always a write lock!).
     [Bodo Moeller]

  *) On some versions of WIN32 Heap32Next is very slow. This can cause
     excessive delays in the RAND_poll(): over a minute. As a workaround
     include a time check in the inner Heap32Next loop too.
     [Steve Henson]

  *) The code that handled flushing of data in SSL/TLS originally used the
     BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
     the problem outlined in PR#1949. The fix suggested there however can
     trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
     of Apache). So instead simplify the code to flush unconditionally.
     This should be fine since flushing with no data to flush is a no op.
     [Steve Henson]

  *) Handle TLS versions 2.0 and later properly and correctly use the
     highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
     off ancient servers have a habit of sticking around for a while...
     [Steve Henson]

  *) Modify compression code so it frees up structures without using the
     ex_data callbacks. This works around a problem where some applications
     call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
     restarting) then use compression (e.g. SSL with compression) later.
     This results in significant per-connection memory leaks and
     has caused some security issues including CVE-2008-1678 and
     CVE-2009-4355.
     [Steve Henson]

  *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
     change when encrypting or decrypting.
     [Bodo Moeller]

  *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
     connect and renegotiate with servers which do not support RI.
     Until RI is more widely deployed this option is enabled by default.
     [Steve Henson]

  *) Add "missing" ssl ctrls to clear options and mode.
     [Steve Henson]

  *) If client attempts to renegotiate and doesn't support RI respond with
     a no_renegotiation alert as required by RFC5746. Some renegotiating
     TLS clients will continue a connection gracefully when they receive
     the alert. Unfortunately OpenSSL mishandled this alert and would hang
     waiting for a server hello which it will never receive. Now we treat a
     received no_renegotiation alert as a fatal error. This is because
     applications requesting a renegotiation might well expect it to succeed
     and would have no code in place to handle the server denying it so the
     only safe thing to do is to terminate the connection.
     [Steve Henson]

  *) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
     peer supports secure renegotiation and 0 otherwise. Print out peer
     renegotiation support in s_client/s_server.
     [Steve Henson]

  *) Replace the highly broken and deprecated SPKAC certification method with
     the updated NID creation version. This should correctly handle UTF8.
     [Steve Henson]

  *) Implement RFC5746. Re-enable renegotiation but require the extension
     as needed. Unfortunately, SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
     turns out to be a bad idea. It has been replaced by
     SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
     SSL_CTX_set_options(). This is really not recommended unless you
     know what you are doing.
     [Eric Rescorla <ekr@networkresonance.com>, Ben Laurie, Steve Henson]

  *) Fixes to stateless session resumption handling. Use initial_ctx when
     issuing and attempting to decrypt tickets in case it has changed during
     servername handling. Use a non-zero length session ID when attempting
     stateless session resumption: this makes it possible to determine if
     a resumption has occurred immediately after receiving server hello
     (several places in OpenSSL subtly assume this) instead of later in
     the handshake.
     [Steve Henson]

  *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
     CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error;
     fixes for a few places where the return code is not checked
     correctly.
     [Julia Lawall <julia@diku.dk>]

  *) Add --strict-warnings option to Configure script to include devteam
     warnings in other configurations.
     [Steve Henson]

  *) Add support for --libdir option and LIBDIR variable in makefiles. This
     makes it possible to install openssl libraries in locations which
     have names other than "lib", for example "/usr/lib64" which some
     systems need.
     [Steve Henson, based on patch from Jeremy Utley]

  *) Don't allow the use of leading 0x80 in OIDs. This is a violation of
     X690 8.9.12 and can produce some misleading textual output of OIDs.
     [Steve Henson, reported by Dan Kaminsky]
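
     The following is an added example, not OpenSSL code, showing why the
     leading-0x80 check above matters: a small decoder for the content
     octets of a DER OBJECT IDENTIFIER that, in strict mode, rejects a
     sub-identifier whose first octet is 0x80, and in lenient mode shows two
     different byte strings printing as the same dotted OID. The function
     and exception names are assumptions; the sample encodings are the
     standard ones for sha1WithRSAEncryption and commonName.

```python
# Added example (not OpenSSL code). DER encodes each OID sub-identifier in
# base 128, high bit set on every octet but the last. X.690 requires the
# first octet of a sub-identifier not to be 0x80, so each value has exactly
# one encoding. Accepting 0x80 padding lets distinct byte strings decode to
# the same dotted string, which is the misleading output the entry describes.


class BadOID(ValueError):
    """Raised for malformed OID content octets."""


def decode_oid(content: bytes, strict: bool = True) -> str:
    """Return the dotted-decimal form of DER OID content octets.

    strict=True is the fixed behaviour: a sub-identifier starting with 0x80
    is rejected. strict=False is the old lenient behaviour that silently
    accepts the padding.
    """
    if not content:
        raise BadOID("empty OID content")
    subids = []
    value = 0
    at_start = True  # True when the next octet begins a sub-identifier
    for octet in content:
        if at_start and strict and octet == 0x80:
            raise BadOID("sub-identifier has a leading 0x80 octet")
        value = (value << 7) | (octet & 0x7F)
        at_start = False
        if octet & 0x80 == 0:          # last octet of this sub-identifier
            subids.append(value)
            value = 0
            at_start = True
    if not at_start:
        raise BadOID("OID content ends in the middle of a sub-identifier")
    # The first two arcs X.Y are packed into one sub-identifier as 40*X + Y,
    # with X limited to 0, 1 or 2 (so values >= 80 all belong to arc 2).
    first = subids[0]
    arcs = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in arcs + subids[1:])


def is_canonical_oid(content: bytes) -> bool:
    """True if the content octets are a valid, minimally encoded OID."""
    try:
        decode_oid(content, strict=True)
    except BadOID:
        return False
    return True


# Constructed sample: sha1WithRSAEncryption (1.2.840.113549.1.1.5) as DER
# content octets, and the same OID with a bogus 0x80 pad inserted before the
# second sub-identifier.
SHA1_RSA = bytes.fromhex("2a864886f70d010105")
SHA1_RSA_PADDED = bytes.fromhex("2a80864886f70d010105")

if __name__ == "__main__":
    print(decode_oid(SHA1_RSA))                         # 1.2.840.113549.1.1.5
    print(decode_oid(SHA1_RSA_PADDED, strict=False))    # same text, different bytes
    print(is_canonical_oid(SHA1_RSA), is_canonical_oid(SHA1_RSA_PADDED))
```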

  *) Delete MD2 from algorithm tables. This follows the recommendation in
     several standards that it is not used in new applications due to
     several cryptographic weaknesses. For binary compatibility reasons
     the MD2 API is still compiled in by default.
     [Steve Henson]

  *) Add compression id to {d2i,i2d}_SSL_SESSION so it is correctly saved
     and restored.
     [Steve Henson]

  *) Rename uni2asc and asc2uni functions to OPENSSL_uni2asc and
     OPENSSL_asc2uni conditionally on Netware platforms to avoid a name
     clash.
     [Guenter <lists@gknw.net>]

  *) Fix the server certificate chain building code to use X509_verify_cert(),
     it used to have an ad-hoc builder which was unable to cope with anything
     other than a simple chain.
     [David Woodhouse <dwmw2@infradead.org>, Steve Henson]

  *) Don't check self signed certificate signatures in X509_verify_cert()
     by default (a flag can override this): it just wastes time without
     adding any security. As a useful side effect self signed root CAs
     with non-FIPS digests are now usable in FIPS mode.
     [Steve Henson]

  *) In dtls1_process_out_of_seq_message() the check if the current message
     is already buffered was missing. For every new message memory was
     allocated, allowing an attacker to perform a denial of service attack
     by sending out of seq handshake messages until there is no memory
     left. Additionally every future message was buffered, even if the
     sequence number made no sense and would be part of another handshake.
     So only messages with sequence numbers less than 10 in advance will be
     buffered. (CVE-2009-1378)
     [Robin Seggelmann, discovered by Daniel Mentz]

  *) Records are buffered if they arrive with a future epoch to be
     processed after finishing the corresponding handshake. There is
     currently no limitation to this buffer allowing an attacker to perform
     a DOS attack by sending records with future epochs until there is no
     memory left. This patch adds the pqueue_size() function to determine
     the size of a buffer and limits the record buffer to 100 entries.
     (CVE-2009-1377)
     [Robin Seggelmann, discovered by Daniel Mentz]
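
     As an added example covering the two DTLS entries above (it is not
     OpenSSL code), the following Python model shows the bounded buffering
     the fixes describe: duplicates of an already-buffered handshake message
     are ignored, a message is buffered only if its sequence number is less
     than 10 ahead of the expected one, and future-epoch records are capped
     at 100 entries. The class and function names are assumptions; the
     limits are the ones stated in the entries.

```python
# Added example, not OpenSSL code: models the bounded out-of-order buffering
# described for CVE-2009-1378 and CVE-2009-1377. A flood of bogus messages
# now costs the receiver a fixed amount of memory instead of growing
# without limit.
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

HANDSHAKE_WINDOW = 10    # buffer a handshake message only if seq < expected + 10
RECORD_BUFFER_MAX = 100  # keep at most 100 records from a future epoch


@dataclass
class HandshakeReassembler:
    """Delivers DTLS handshake messages in sequence order, holding a bounded
    number of messages that arrive early."""
    expected_seq: int = 0
    pending: Dict[int, bytes] = field(default_factory=dict)
    dropped: List[Tuple[int, str]] = field(default_factory=list)

    def receive(self, seq: int, body: bytes) -> List[Tuple[int, bytes]]:
        """Feed one message; return the messages now deliverable, in order."""
        if seq < self.expected_seq:
            self.dropped.append((seq, "already processed"))
            return []
        if seq == self.expected_seq:
            delivered = [(seq, body)]
            self.expected_seq += 1
            # Drain any consecutive messages that were buffered earlier.
            while self.expected_seq in self.pending:
                delivered.append((self.expected_seq, self.pending.pop(self.expected_seq)))
                self.expected_seq += 1
            return delivered
        # A message from the future: apply the two checks the fix added.
        if seq in self.pending:
            self.dropped.append((seq, "duplicate"))      # check that was missing
        elif seq >= self.expected_seq + HANDSHAKE_WINDOW:
            self.dropped.append((seq, "too far ahead"))  # nonsensical sequence number
        else:
            self.pending[seq] = body
        return []


@dataclass
class EpochRecordBuffer:
    """Holds records for a future epoch until the handshake finishes."""
    current_epoch: int = 0
    records: List[Tuple[int, bytes]] = field(default_factory=list)
    dropped: int = 0

    def receive(self, epoch: int, record: bytes) -> bool:
        """Buffer a future-epoch record; False if it is not buffered."""
        if epoch <= self.current_epoch:
            return False          # current or old epoch: handled normally
        if len(self.records) >= RECORD_BUFFER_MAX:
            self.dropped += 1     # the pqueue_size() check: drop, don't grow
            return False
        self.records.append((epoch, record))
        return True


def flood(count: int) -> Tuple[int, int, int]:
    """Constructed flood of out-of-sequence handshake messages (never seq 0,
    so nothing drains) and future-epoch records. Returns the number of
    buffered handshake messages, buffered records and dropped records."""
    hs = HandshakeReassembler()
    for seq in range(1, count + 1):
        hs.receive(seq, b"x" * 64)
    rb = EpochRecordBuffer()
    for i in range(count):
        rb.receive(epoch=1, record=bytes([i % 256]) * 64)
    return len(hs.pending), len(rb.records), rb.dropped


if __name__ == "__main__":
    print(flood(10_000))  # (9, 100, 9900): memory stays bounded
```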

  *) Keep a copy of frag->msg_header.frag_len so it can be used after the
     parent structure is freed. (CVE-2009-1379)
     [Daniel Mentz]

  *) Handle non-blocking I/O properly in SSL_shutdown() call.
     [Darryl Miles <darryl-mailinglists@netbauds.net>]

  *) Add 2.5.4.* OIDs
     [Ilya O. <vrghost@gmail.com>]

 Changes between 0.9.8k and 0.9.8l [5 Nov 2009]

  *) Disable renegotiation completely - this fixes a severe security
     problem (CVE-2009-3555) at the cost of breaking all
     renegotiation. Renegotiation can be re-enabled by setting
     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
     run-time. This is really not recommended unless you know what
     you're doing.
     [Ben Laurie]

 Changes between 0.9.8j and 0.9.8k [25 Mar 2009]

  *) Don't set val to NULL when freeing up structures, it is freed up by
     underlying code. If sizeof(void *) > sizeof(long) this can result in
     zeroing past the valid field. (CVE-2009-0789)
     [Paolo Ganci <Paolo.Ganci@AdNovum.CH>]

  *) Fix bug where return value of CMS_SignerInfo_verify_content() was not
     checked correctly. This would allow some invalid signed attributes to
     appear to verify correctly. (CVE-2009-0591)
     [Ivan Nestlerode <inestlerode@us.ibm.com>]

  *) Reject UniversalString and BMPString types with invalid lengths. This
     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
     a legal length. (CVE-2009-0590)
     [Steve Henson]

  *) Set S/MIME signing as the default purpose rather than setting it
     unconditionally. This allows applications to override it at the store
     level.
     [Steve Henson]

  *) Permit restricted recursion of ASN1 strings. This is needed in practice
     to handle some structures.
     [Steve Henson]

  *) Improve efficiency of mem_gets: don't search whole buffer each time
     for a '\n'
     [Jeremy Shapiro <jnshapir@us.ibm.com>]

  *) New -hex option for openssl rand.
     [Matthieu Herrb]

  *) Print out UTF8String and NumericString when parsing ASN1.
     [Steve Henson]

  *) Support NumericString type for name components.
     [Steve Henson]

  *) Allow CC in the environment to override the automatically chosen
     compiler. Note that nothing is done to ensure flags work with the
     chosen compiler.
     [Ben Laurie]

 Changes between 0.9.8i and 0.9.8j [07 Jan 2009]

  *) Properly check EVP_VerifyFinal() and similar return values
     (CVE-2008-5077).
     [Ben Laurie, Bodo Moeller, Google Security Team]

  *) Enable TLS extensions by default.
     [Ben Laurie]

  *) Allow the CHIL engine to be loaded, whether the application is
     multithreaded or not. (This does not release the developer from the
     obligation to set up the dynamic locking callbacks.)
     [Sander Temme <sander@temme.net>]

  *) Use correct exit code if there is an error in dgst command.
     [Steve Henson; problem pointed out by Roland Dirlewanger]

  *) Tweak Configure so that you need to say "experimental-jpake" to enable
     JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
     [Bodo Moeller]

  *) Add experimental JPAKE support, including demo authentication in
     s_client and s_server.
     [Ben Laurie]

  *) Set the comparison function in v3_addr_canonize().
     [Rob Austein <sra@hactrn.net>]

  *) Add support for XMPP STARTTLS in s_client.
     [Philip Paeps <philip@freebsd.org>]

  *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
     to ensure that even with this option, only ciphersuites in the
     server's preference list will be accepted. (Note that the option
     applies only when resuming a session, so the earlier behavior was
     just about the algorithm choice for symmetric cryptography.)
     [Bodo Moeller]

 Changes between 0.9.8h and 0.9.8i [15 Sep 2008]

  *) Fix NULL pointer dereference if a DTLS server received
     ChangeCipherSpec as first record (CVE-2009-1386).
     [PR #1679]

  *) Fix a state transition in s3_srvr.c and d1_srvr.c
     (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
     [Nagendra Modadugu]

  *) The fix in 0.9.8c that supposedly got rid of unsafe
     double-checked locking was incomplete for RSA blinding,
     addressing just one layer of what turns out to have been
     doubly unsafe triple-checked locking.

     So now fix this for real by retiring the MONT_HELPER macro
     in crypto/rsa/rsa_eay.c.

     [Bodo Moeller; problem pointed out by Marius Schilder]

  *) Various precautionary measures:

     - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h).

     - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c).
       (NB: This would require knowledge of the secret session ticket key
       to exploit, in which case you'd be SOL either way.)

     - Change bn_nist.c so that it will properly handle input BIGNUMs
       outside the expected range.

     - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG
       builds.

     [Neel Mehta, Bodo Moeller]

  *) Allow engines to be "soft loaded" - i.e. optionally don't die if
     the load fails. Useful for distros.
     [Ben Laurie and the FreeBSD team]

  *) Add support for Local Machine Keyset attribute in PKCS#12 files.
     [Steve Henson]

  *) Fix BN_GF2m_mod_arr() top-bit cleanup code.
     [Huang Ying]

  *) Expand ENGINE to support engine supplied SSL client certificate functions.

     This work was sponsored by Logica.
     [Steve Henson]

  *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
     keystores. Support for SSL/TLS client authentication too.
     Not compiled unless enable-capieng specified to Configure.

     This work was sponsored by Logica.
     [Steve Henson]

  *) Fix bug in X509_ATTRIBUTE creation: don't set attribute using
     ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
     attribute creation routines such as certificate requests and PKCS#12
| 2246 | files . | |||||
| 2247 | [Stev e Henson] | |||||
| 2248 | ||||||
| 2249 | Changes b etween 0.9 .8g and 0. 9.8h [28 May 2008] | |||||
| 2250 | ||||||
| 2251 | *) Fix f law if 'Se rver Key e xchange me ssage' is omitted fr om a TLS | |||||
| 2252 | hands hake which could lea d to a cil ent crash as found u sing the | |||||
| 2253 | Coden omicon TLS test suit e (CVE-200 8-1672) | |||||
| 2254 | [Stev e Henson, Mark Cox] | |||||
| 2255 | ||||||
| 2256 | *) Fix d ouble free in TLS se rver name extensions which cou ld lead to | |||||
| 2257 | a rem ote crash found by C odenomicon TLS test suite (CVE -2008-0891 ) | |||||
| 2258 | [Joe Orton] | |||||
| 2259 | ||||||
| 2260 | *) Clear error que ue in SSL_ CTX_use_ce rtificate_ chain_file () | |||||
| 2261 | ||||||
| 2262 | Clear the error queue to ensure tha t error en tries left from | |||||
| 2263 | older function calls do n ot interfe re with th e correct operation. | |||||
| 2264 | [Lutz Jaenicke, Erik de C astro Lopo ] | |||||
| 2265 | ||||||
| 2266 | *) Remov e root CA certificat es of comm ercial CAs : | |||||
| 2267 | ||||||
| 2268 | The O penSSL pro ject does not recomm end any sp ecific CA and does n ot | |||||
| 2269 | have any policy with resp ect to inc luding or excluding any CA. | |||||
| 2270 | There fore it do es not mak e any sens e to ship an arbitra ry selecti on | |||||
| 2271 | of ro ot CA cert ificates w ith the Op enSSL soft ware. | |||||
| 2272 | [Lutz Jaenicke] | |||||
| 2273 | ||||||
| 2274 | *) RSA O AEP patche s to fix t wo separat e invalid memory rea ds. | |||||
| 2275 | The f irst one i nvolves in puts when 'lzero' is greater t han | |||||
| 2276 | 'SHA_ DIGEST_LEN GTH' (it w ould read about SHA_ DIGEST_LEN GTH bytes | |||||
| 2277 | befor e the begi nning of f rom). The second one involves inputs whe re | |||||
| 2278 | the ' db' sectio n contains nothing b ut zeroes (there is a one-byte | |||||
| 2279 | inval id read af ter the en d of 'db') . | |||||
| 2280 | [Ivan Nestlerod e <inestle rode@us.ib m.com>] | |||||
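
     The following is an added illustration, not OpenSSL's code, of the two
     bounds rules behind the OAEP entry above: an RSA output whose leading
     zero octets were stripped must be left-padded into a buffer of the
     modulus size rather than indexed before its start, and the search for
     the 0x01 separator in DB must stop at the end of DB instead of reading
     one octet past it. The function names, the simplified already-unmasked
     DB layout, the fixed HLEN and all sample values are this example's own
     assumptions; the MGF1 unmasking step is omitted.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not OpenSSL code: the two buffer-handling rules behind the
 * OAEP fix, shown on a simplified, already-unmasked DB. The MGF1 unmasking
 * step is omitted; only the length and bounds logic is shown.
 * HLEN stands in for SHA_DIGEST_LENGTH (20 octets for SHA-1). */
#define HLEN 20

/* Rule 1: the RSA output may arrive with leading zero octets stripped
 * (flen < num). Rebuild the full num-octet encoded message by left-padding
 * with zeros into a caller-supplied buffer, never by indexing before 'from'.
 * Returns 0 on success, -1 if the input cannot be a valid encoded message. */
int oaep_left_pad(const uint8_t *from, size_t flen, size_t num,
                  uint8_t *em, size_t emlen)
{
    if (em == NULL || emlen < num)   /* destination cannot hold num octets */
        return -1;
    if (flen > num)                  /* longer than the modulus: invalid */
        return -1;
    if (num < 2 * HLEN + 2)          /* no room for 0x00, seed, lHash, 0x01 */
        return -1;
    size_t lzero = num - flen;       /* how many leading zeros were stripped */
    memset(em, 0, lzero);
    memcpy(em + lzero, from, flen);
    return 0;
}

/* Rule 2: after unmasking, DB = lHash || PS (zero octets) || 0x01 || M.
 * Locate M without indexing past dblen: a DB with no 0x01 separator
 * (for instance all zeros) is a decoding error, not a read past the end.
 * The scan is bounded for memory safety; a production decoder would also
 * make it constant-time. On success writes M's offset and length. */
int oaep_find_message(const uint8_t *db, size_t dblen, const uint8_t *lhash,
                      size_t *moff, size_t *mlen)
{
    if (dblen < HLEN + 1)            /* cannot hold lHash and a separator */
        return -1;
    uint8_t diff = 0;                /* lHash comparison without early exit */
    for (size_t i = 0; i < HLEN; i++)
        diff |= db[i] ^ lhash[i];
    size_t i = HLEN;
    while (i < dblen && db[i] == 0)  /* skip PS, stopping at dblen */
        i++;
    if (i == dblen || db[i] != 0x01 || diff != 0)
        return -1;
    *moff = i + 1;
    *mlen = dblen - *moff;
    return 0;
}

/* Runs four constructed cases and returns how many behaved as required:
 * stripped leading zero restored, over-long input rejected, all-zero DB
 * rejected, and a well-formed DB yielding the embedded message. */
int oaep_demo(void)
{
    int passed = 0;
    uint8_t em[64], from[63], db[43], lhash[HLEN];
    size_t moff = 0, mlen = 0;

    /* Case 1: 63 octets for a 64-octet modulus -> one leading zero restored. */
    memset(from, 0xAB, sizeof(from));
    if (oaep_left_pad(from, 63, 64, em, sizeof(em)) == 0 &&
        em[0] == 0x00 && em[1] == 0xAB && em[63] == 0xAB)
        passed++;

    /* Case 2: 65 octets claimed for a 64-octet modulus -> rejected before
     * any copy takes place. */
    if (oaep_left_pad(from, 65, 64, em, sizeof(em)) == -1)
        passed++;

    /* Case 3: DB of nothing but zeros -> no separator -> rejected. */
    memset(db, 0, sizeof(db));
    memset(lhash, 0, sizeof(lhash));
    if (oaep_find_message(db, sizeof(db), lhash, &moff, &mlen) == -1)
        passed++;

    /* Case 4: lHash || 19 zero octets || 0x01 || "abc" -> M at 40, length 3. */
    db[HLEN + 19] = 0x01;
    db[HLEN + 20] = 'a';
    db[HLEN + 21] = 'b';
    db[HLEN + 22] = 'c';
    if (oaep_find_message(db, sizeof(db), lhash, &moff, &mlen) == 0 &&
        moff == HLEN + 20 && mlen == 3)
        passed++;

    return passed;
}
```

     oaep_demo() returns 4 when all four constructed cases behave as
     required. Both functions take explicit lengths for every buffer they
     touch, which is what prevents the under- and over-reads the entry
     describes; nothing is derived from the data itself before it has been
     bounds-checked.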

  *) Partial backport from 0.9.9-dev:

     Introduce bn_mul_mont (dedicated Montgomery multiplication
     procedure) as a candidate for BIGNUM assembler implementation.
     While 0.9.9-dev uses assembler for various architectures, only
     x86_64 is available by default here in the 0.9.8 branch, and
     32-bit x86 is available through a compile-time setting.

     To try the 32-bit x86 assembler implementation, use Configure
     option "enable-montasm" (which exists only for this backport).

     As "enable-montasm" for 32-bit x86 disclaims code stability
     anyway, in this constellation we activate additional code
     backported from 0.9.9-dev for further performance improvements,
     namely BN_from_montgomery_word.  (To enable this otherwise,
     e.g. x86_64, try "-DMONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD".)

     [Andy Polyakov (backport partially by Bodo Moeller)]

  *) Add TLS session ticket callback. This allows an application to set
     TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
     values. This is useful for key rollover for example where several key
     sets may exist with different names.
     [Steve Henson]

  *) Reverse ENGINE-internal logic for caching default ENGINE handles.
     This was broken until now in 0.9.8 releases, such that the only way
     a registered ENGINE could be used (assuming it initialises
     successfully on the host) was to explicitly set it as the default
     for the relevant algorithms. This is in contradiction with 0.9.7
     behaviour and the documentation. With this fix, when an ENGINE is
     registered into a given algorithm's table of implementations, the
     'uptodate' flag is reset so that auto-discovery will be used next
     time a new context for that algorithm attempts to select an
     implementation.
     [Ian Lister (tweaked by Geoff Thorpe)]

  *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9
     implementation in the following ways:

     Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be
     hard coded.

     Lack of BER streaming support means one pass streaming processing is
     only supported if data is detached: setting the streaming flag is
     ignored for embedded content.

     CMS support is disabled by default and must be explicitly enabled
     with the enable-cms configuration option.
     [Steve Henson]

  *) Update the GMP engine glue to do direct copies between BIGNUM and
     mpz_t when openssl and GMP use the same limb size. Otherwise the
     existing "conversion via a text string export" trick is still used.
     [Paul Sheer <paulsheer@gmail.com>]

  *) Zlib compression BIO. This is a filter BIO which compresses and
     uncompresses any data passed through it.
     [Steve Henson]

  *) Add AES_wrap_key() and AES_unwrap_key() functions to implement
     RFC3394 compatible AES key wrapping.
     [Steve Henson]

  *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0():
     sets string data without copying. X509_ALGOR_set0() and
     X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier)
     data. Attribute function X509at_get0_data_by_OBJ(): retrieves data
     from an X509_ATTRIBUTE structure optionally checking it occurs only
     once. ASN1_TYPE_set1(): set an ASN1_TYPE structure, copying supplied
     data.
     [Steve Henson]

  *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
     to get the expected BN_FLG_CONSTTIME behavior.
     [Bodo Moeller (Google)]

  *) Netware support:

     - fixed wrong usage of ioctlsocket() when built for LIBC BSD sockets
     - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
     - added some more tests to do_tests.pl
     - fixed Running Process usage so that it works with newer LIBC NDKs too
     - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
     - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
       netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
     - various changes to netware.pl to enable gcc-cross builds on Win32
       platform
     - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
     - various changes to fix missing prototype warnings
     - fixed x86nasm.pl to create correct asm files for NASM COFF output
     - added AES, WHIRLPOOL and CPUID assembler code to build files
     - added missing AES assembler make rules to mk1mf.pl
     - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
     [Guenter Knauf <eflash@gmx.net>]

  *) Implement certificate status request TLS extension defined in RFC3546.
     A client can set the appropriate parameters and receive the encoded
     OCSP response via a callback. A server can query the supplied parameters
     and set the encoded OCSP response in the callback. Add simplified examples
     to s_client and s_server.
     [Steve Henson]

 Changes between 0.9.8f and 0.9.8g  [19 Oct 2007]

  *) Fix various bugs:
     + Binary incompatibility of ssl_ctx_st structure
     + DTLS interoperation with non-compliant servers
     + Don't call get_session_cb() without proposed session
     + Fix ia64 assembler code
     [Andy Polyakov, Steve Henson]

 Changes between 0.9.8e and 0.9.8f  [11 Oct 2007]

  *) DTLS Handshake overhaul. There were longstanding issues with
     OpenSSL DTLS implementation, which were making it impossible for
     RFC 4347 compliant client to communicate with OpenSSL server.
     Unfortunately just fixing these incompatibilities would "cut off"
     pre-0.9.8f clients. To allow for hassle free upgrade post-0.9.8e
     server keeps tolerating non RFC compliant syntax. The opposite is
     not true, 0.9.8f client can not communicate with earlier server.
     This update even addresses CVE-2007-4995.
     [Andy Polyakov]

  *) Changes to avoid need for function casts in OpenSSL: some compilers
     (gcc 4.2 and later) reject their use.
     [Kurt Roeckx <kurt@roeckx.be>, Peter Hartley <pdh@utter.chaos.org.uk>,
      Steve Henson]

  *) Add RFC4507 support to OpenSSL. This includes the corrections in
     RFC4507bis. The encrypted ticket format is an encrypted encoded
     SSL_SESSION structure, that way new session features are automatically
     supported.

     If a client application caches session in an SSL_SESSION structure
     support is transparent because tickets are now stored in the encoded
     SSL_SESSION.

     The SSL_CTX structure automatically generates keys for ticket
     protection in servers so again support should be possible
     with no application modification.

     If a client or server wishes to disable RFC4507 support then the option
     SSL_OP_NO_TICKET can be set.

     Add a TLS extension debugging callback to allow the contents of any client
     or server extensions to be examined.

     This work was sponsored by Google.
     [Steve Henson]

  *) Add initial support for TLS extensions, specifically for the server_name
     extension so far.  The SSL_SESSION, SSL_CTX, and SSL data structures now
     have new members for a host name.  The SSL data structure has an
     additional member SSL_CTX *initial_ctx so that new sessions can be
     stored in that context to allow for session resumption, even after the
     SSL has been switched to a new SSL_CTX in reaction to a client's
     server_name extension.

     New functions (subject to change):

         SSL_get_servername()
         SSL_get_servername_type()
         SSL_set_SSL_CTX()

     New CTRL codes and macros (subject to change):

         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
                                 - SSL_CTX_set_tlsext_servername_callback()
         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
                                 - SSL_CTX_set_tlsext_servername_arg()
         SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()

     openssl s_client has a new '-servername ...' option.

     openssl s_server has new options '-servername_host ...', '-cert2 ...',
     '-key2 ...', '-servername_fatal' (subject to change).  This allows
     testing the HostName extension for a specific single host name ('-cert'
     and '-key' remain fallbacks for handshakes without HostName
     negotiation).  If the unrecognized_name alert has to be sent, this by
     default is a warning; it becomes fatal with the '-servername_fatal'
     option.

     [Peter Sylvester, Remy Allais, Christophe Renou, Steve Henson]

  *) Add AES and SSE2 assembly language support to VC++ build.
     [Steve Henson]

  *) Mitigate attack on final subtraction in Montgomery reduction.
     [Andy Polyakov]

  *) Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
     (which previously caused an internal error).
     [Bodo Moeller]

  *) Squeeze another 10% out of IGE mode when in != out.
     [Ben Laurie]

  *) AES IGE mode speedup.
     [Dean Gaudet (Google)]

  *) Add the Korean symmetric 128-bit cipher SEED (see
     http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
     add SEED ciphersuites from RFC 4162:

        TLS_RSA_WITH_SEED_CBC_SHA      =  "SEED-SHA"
        TLS_DHE_DSS_WITH_SEED_CBC_SHA  =  "DHE-DSS-SEED-SHA"
        TLS_DHE_RSA_WITH_SEED_CBC_SHA  =  "DHE-RSA-SEED-SHA"
        TLS_DH_anon_WITH_SEED_CBC_SHA  =  "ADH-SEED-SHA"

     To minimize changes between patchlevels in the OpenSSL 0.9.8
     series, SEED remains excluded from compilation unless OpenSSL
     is configured with 'enable-seed'.
     [KISA, Bodo Moeller]

  *) Mitigate branch prediction attacks, which can be practical if a
     single processor is shared, allowing a spy process to extract
     information.  For detailed background information, see
     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
     and Necessary Software Countermeasures").  The core of the change
     are new versions BN_div_no_branch() and
     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
     respectively, which are slower, but avoid the security-relevant
     conditional branches.  These are automatically called by BN_div()
     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
     remove a conditional branch.

     BN_FLG_CONSTTIME is the new name for the previous
     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
     in the exponent causes BN_mod_exp_mont() to use the alternative
     implementation in BN_mod_exp_mont_consttime().)  The old name
     remains as a deprecated alias.

     Similarly, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
     constant-time implementations for more than just exponentiation.
     Here too the old name is kept as a deprecated alias.

     BN_BLINDING_new() will now use BN_dup() for the modulus so that
     the BN_BLINDING structure gets an independent copy of the
     modulus.  This means that the previous "BIGNUM *m" argument to
     BN_BLINDING_new() and to BN_BLINDING_create_param() now
     essentially becomes "const BIGNUM *m", although we can't actually
     change this in the header file before 0.9.9.  It allows
     RSA_setup_blinding() to use BN_with_flags() on the modulus to
     enable BN_FLG_CONSTTIME.

     [Matthew D Wood (Intel Corp)]

  *) In the SSL/TLS server implementation, be strict about session ID
     context matching (which matters if an application uses a single
     external cache for different purposes).  Previously,
     out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
     set.  This did ensure strict client verification, but meant that,
     with applications using a single external cache for quite
     different requirements, clients could circumvent ciphersuite
     restrictions for a given session ID context by starting a session
     in a different context.
     [Bodo Moeller]
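
     The following is an added illustration, not OpenSSL's code, of the two
     resumption checks this file describes: the session ID context check
     from the entry above (out-of-context reuse is refused regardless of
     verify mode) and the rule from the 0.9.8i-era
     SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG entry that a resumed session's
     cipher must still be on the server's preference list. The toy cache,
     its structure and function names, the fixed ID and context sizes and the
     sample sessions are this example's own assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not OpenSSL code: a toy session cache showing the two
 * resumption checks described in this file. (1) The session ID context
 * stored with a session must equal the context of the connection trying to
 * resume it, whatever the verify mode. (2) Even when the server-side
 * SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option is set, the session's
 * cipher must still be on the server's preference list. Structure and
 * function names are this example's own. */

#define SID_LEN 8
#define CTX_LEN 8
#define MAX_SESSIONS 4

struct toy_session {
    uint8_t id[SID_LEN];       /* session ID sent by the client */
    uint8_t sid_ctx[CTX_LEN];  /* session ID context it was created under */
    const char *cipher;        /* ciphersuite negotiated originally */
};

struct toy_cache {
    struct toy_session s[MAX_SESSIONS];
    size_t n;
};

int cache_add(struct toy_cache *c, const uint8_t *id, const uint8_t *ctx,
              const char *cipher)
{
    if (c->n >= MAX_SESSIONS)
        return -1;
    memcpy(c->s[c->n].id, id, SID_LEN);
    memcpy(c->s[c->n].sid_ctx, ctx, CTX_LEN);
    c->s[c->n].cipher = cipher;
    c->n++;
    return 0;
}

/* Look up 'id' for a connection whose context is 'ctx' and whose server
 * preference list is pref[0..npref). Returns the session only if it exists,
 * its context matches, and its cipher is on the preference list. */
const struct toy_session *cache_resume(const struct toy_cache *c,
                                       const uint8_t *id, const uint8_t *ctx,
                                       const char *const *pref, size_t npref)
{
    for (size_t i = 0; i < c->n; i++) {
        const struct toy_session *s = &c->s[i];
        if (memcmp(s->id, id, SID_LEN) != 0)
            continue;
        if (memcmp(s->sid_ctx, ctx, CTX_LEN) != 0)
            return NULL;   /* out-of-context reuse: refused unconditionally */
        for (size_t j = 0; j < npref; j++)
            if (strcmp(pref[j], s->cipher) == 0)
                return s;  /* resumable: same context, cipher still allowed */
        return NULL;       /* cipher no longer on the server's list */
    }
    return NULL;           /* unknown session ID: full handshake instead */
}

/* Constructed scenario: one cache shared by an "https" and an "imap"
 * context. Returns the number of the four checks that came out as required. */
int resume_demo(void)
{
    static const uint8_t https_ctx[CTX_LEN] = "https-c";   /* 7 chars + NUL */
    static const uint8_t imap_ctx[CTX_LEN]  = "imap-ct";
    static const uint8_t sid_a[SID_LEN] = {1, 2, 3, 4, 5, 6, 7, 8};
    static const uint8_t sid_b[SID_LEN] = {9, 9, 9, 9, 9, 9, 9, 9};
    static const uint8_t sid_x[SID_LEN] = {0};
    static const char *const pref[] = { "AES256-SHA", "AES128-SHA" };
    struct toy_cache cache;
    int passed = 0;

    memset(&cache, 0, sizeof(cache));
    cache_add(&cache, sid_a, https_ctx, "AES256-SHA");
    cache_add(&cache, sid_b, https_ctx, "RC4-MD5");

    /* same context, cipher on the list: resumed */
    if (cache_resume(&cache, sid_a, https_ctx, pref, 2) != NULL) passed++;
    /* created under https, resumption attempted from imap: refused */
    if (cache_resume(&cache, sid_a, imap_ctx, pref, 2) == NULL) passed++;
    /* RC4-MD5 is not on this server's preference list: refused */
    if (cache_resume(&cache, sid_b, https_ctx, pref, 2) == NULL) passed++;
    /* unknown ID: no session */
    if (cache_resume(&cache, sid_x, https_ctx, pref, 2) == NULL) passed++;
    return passed;
}
```

     resume_demo() returns 4. The context check comes first and is not
     conditional on anything else, which is the point of the entry above: a
     client that obtained a session under one context cannot use it to
     sidestep the ciphersuite restrictions of another context sharing the
     same external cache.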

  *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
     a ciphersuite string such as "DEFAULT:RSA" cannot enable
     authentication-only ciphersuites.
     [Bodo Moeller]

  *) Update the SSL_get_shared_ciphers() fix for CVE-2006-3738 which was
     not complete and could lead to a possible single byte overflow
     (CVE-2007-5135) [Ben Laurie]

 Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]

  *) Since AES128 and AES256 (and similarly Camellia128 and
     Camellia256) share a single mask bit in the logic of
     ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
     kludge to work properly if AES128 is available and AES256 isn't
     (or if Camellia128 is available and Camellia256 isn't).
     [Victor Duchovni]

  *) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
     (within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
     When a point or a seed is encoded in a BIT STRING, we need to
     prevent the removal of trailing zero bits to get the proper DER
     encoding.  (By default, crypto/asn1/a_bitstr.c assumes the case
     of a NamedBitList, for which trailing 0 bits need to be removed.)
     [Bodo Moeller]
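
     The following is an added illustration, not OpenSSL's code, of the
     distinction the entry above draws: DER encoding of a BIT STRING under
     NamedBitList rules (trailing zero bits dropped) versus encoding of
     fixed-width data such as an EC point or seed (every bit kept, unused
     bits octet 0). The function names and sample octets are this example's
     own assumptions; only short-form lengths are handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not OpenSSL code: DER encoding of a BIT STRING in the two
 * modes distinguished above. Short-form lengths only (content < 127 octets). */

/* Number of trailing zero bits in one octet (0x00 -> 8). */
static unsigned trailing_zero_bits(uint8_t b)
{
    if (b == 0)
        return 8;
    unsigned n = 0;
    while ((b & 1) == 0) {
        b >>= 1;
        n++;
    }
    return n;
}

/* Encode 'bits' (nbytes octets) as a DER BIT STRING into out.
 * named_bit_list != 0: NamedBitList rules; DER requires trailing zero bits
 *                      to be removed, so the unused-bits count may be > 0.
 * named_bit_list == 0: fixed-width data such as an EC point or seed; all
 *                      bits are significant and the unused-bits octet is 0.
 * Returns the encoded length, or 0 if out is too small or input too long. */
size_t der_bitstring(const uint8_t *bits, size_t nbytes, int named_bit_list,
                     uint8_t *out, size_t outlen)
{
    size_t len = nbytes;
    unsigned unused = 0;

    if (named_bit_list) {
        while (len > 0 && bits[len - 1] == 0)
            len--;                           /* drop all-zero trailing octets */
        if (len > 0)
            unused = trailing_zero_bits(bits[len - 1]);
    }
    if (len + 1 > 127 || outlen < len + 3)
        return 0;
    out[0] = 0x03;                           /* BIT STRING tag */
    out[1] = (uint8_t)(len + 1);             /* unused-bits octet + content */
    out[2] = (uint8_t)unused;
    for (size_t i = 0; i < len; i++)
        out[3 + i] = bits[i];
    if (len > 0 && unused > 0)               /* DER: unused bits must be zero */
        out[3 + len - 1] &= (uint8_t)(0xFF << unused);
    return len + 3;
}

/* Constructed inputs: the two octets 04 00 (an uncompressed-point prefix
 * followed by a zero octet) and a single zero octet. Returns how many of the
 * three encodings matched the expected DER bytes. */
int bitstring_demo(void)
{
    static const uint8_t point_like[2] = { 0x04, 0x00 };
    static const uint8_t all_zero[1]   = { 0x00 };
    static const uint8_t exp_fixed[5]  = { 0x03, 0x03, 0x00, 0x04, 0x00 };
    static const uint8_t exp_named[4]  = { 0x03, 0x02, 0x02, 0x04 };
    static const uint8_t exp_empty[3]  = { 0x03, 0x01, 0x00 };
    uint8_t out[16];
    int passed = 0;

    /* point/seed mode: both octets kept, unused bits 0 */
    if (der_bitstring(point_like, 2, 0, out, sizeof(out)) == 5 &&
        memcmp(out, exp_fixed, 5) == 0)
        passed++;
    /* NamedBitList mode: zero octet dropped, two unused bits declared */
    if (der_bitstring(point_like, 2, 1, out, sizeof(out)) == 4 &&
        memcmp(out, exp_named, 4) == 0)
        passed++;
    /* NamedBitList mode on all zeros: empty content */
    if (der_bitstring(all_zero, 1, 1, out, sizeof(out)) == 3 &&
        memcmp(out, exp_empty, 3) == 0)
        passed++;
    return passed;
}
```

     bitstring_demo() returns 3. The same two input octets encode to five
     bytes in point/seed mode and to four under NamedBitList rules, which is
     exactly why applying the NamedBitList default to an EC point or seed
     produced a non-canonical DER encoding.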

  *) Have SSL/TLS server implementation tolerate "mismatched" record
     protocol version while receiving ClientHello even if the
     ClientHello is fragmented.  (The server can't insist on the
     particular protocol version it has chosen before the ServerHello
     message has informed the client about his choice.)
     [Bodo Moeller]

  *) Add RFC 3779 support.
     [Rob Austein for ARIN, Ben Laurie]

  *) Load error codes if they are not already present instead of using a
     static variable. This allows them to be cleanly unloaded and reloaded.
     Improve header file function name parsing.
     [Steve Henson]

  *) Extend SMTP and IMAP protocol emulation in s_client to use EHLO
     or CAPABILITY handshake as required by RFCs.
     [Goetz Babin-Ebell]

 Changes between 0.9.8c and 0.9.8d  [28 Sep 2006]

  *) Introduce limits to prevent malicious keys being able to
     cause a denial of service.  (CVE-2006-2940)
     [Steve Henson, Bodo Moeller]

  *) Fix ASN.1 parsing of certain invalid structures that can result
     in a denial of service.  (CVE-2006-2937)  [Steve Henson]

  *) Fix buffer overflow in SSL_get_shared_ciphers() function.
     (CVE-2006-3738)  [Tavis Ormandy and Will Drewry, Google Security Team]

  *) Fix SSL client code which could crash if connecting to a
     malicious SSLv2 server.  (CVE-2006-4343)
     [Tavis Ormandy and Will Drewry, Google Security Team]

  *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
     match only those.  Before that, "AES256-SHA" would be interpreted
     as a pattern and match "AES128-SHA" too (since AES128-SHA got
     the same strength classification in 0.9.7h) as we currently only
     have a single AES bit in the ciphersuite description bitmap.
     That change, however, also applied to ciphersuite strings such as
     "RC4-MD5" that intentionally matched multiple ciphersuites --
     namely, SSL 2.0 ciphersuites in addition to the more common ones
     from SSL 3.0/TLS 1.0.

     So we change the selection algorithm again: Naming an explicit
     ciphersuite selects this one ciphersuite, and any other similar
     ciphersuite (same bitmap) from *other* protocol versions.
     Thus, "RC4-MD5" again will properly select both the SSL 2.0
     ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.

     Since SSL 2.0 does not have any ciphersuites for which the
     128/256 bit distinction would be relevant, this works for now.
     The proper fix will be to use different bits for AES128 and
     AES256, which would have avoided the problems from the beginning;
     however, bits are scarce, so we can only do this in a new release
     (not just a patchlevel) when we can change the SSL_CIPHER
     definition to split the single 'unsigned long mask' bitmap into
     multiple values to extend the available space.

     [Bodo Moeller]
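
     The following is an added illustration, not OpenSSL's code, of the
     selection rule the entry above settles on, next to the pre-0.9.8b
     pattern behaviour it replaced: an explicit name selects that suite plus
     any suite with the same bitmap from a different protocol version, so
     "RC4-MD5" covers both its SSL 2.0 and SSL 3.0/TLS 1.0 forms while
     "AES256-SHA" no longer drags in "AES128-SHA". The toy cipher table, the
     bit values and the function names are this example's own assumptions;
     the single shared AES bit mirrors the 0.9.8 limitation described.

```c
#include <stddef.h>
#include <string.h>

/* Added example, not OpenSSL code: the ciphersuite selection rule for
 * strings naming an explicit ciphersuite. The table, protocol tags and mask
 * bits are constructed for illustration. */

enum toy_proto { TOY_SSL2, TOY_SSL3 };   /* TOY_SSL3 covers SSL 3.0/TLS 1.0 */

struct toy_cipher {
    const char *name;
    enum toy_proto version;
    unsigned long mask;   /* algorithm bitmap; AES128 and AES256 share a bit */
};

#define BIT_RSA 0x01UL
#define BIT_RC4 0x02UL
#define BIT_AES 0x04UL    /* one AES bit for both key sizes, as in 0.9.8 */
#define BIT_MD5 0x08UL
#define BIT_SHA 0x10UL

static const struct toy_cipher table[] = {
    { "RC4-MD5",    TOY_SSL2, BIT_RSA | BIT_RC4 | BIT_MD5 },
    { "RC4-MD5",    TOY_SSL3, BIT_RSA | BIT_RC4 | BIT_MD5 },
    { "AES128-SHA", TOY_SSL3, BIT_RSA | BIT_AES | BIT_SHA },
    { "AES256-SHA", TOY_SSL3, BIT_RSA | BIT_AES | BIT_SHA },
};
#define TABLE_LEN (sizeof(table) / sizeof(table[0]))

/* First table entry carrying exactly this name, or NULL. */
static const struct toy_cipher *find_named(const char *name)
{
    for (size_t i = 0; i < TABLE_LEN; i++)
        if (strcmp(table[i].name, name) == 0)
            return &table[i];
    return NULL;
}

/* 0.9.8c rule: every entry with exactly this name, plus any entry with the
 * same bitmap from a *different* protocol version. Same-version entries that
 * merely share the bitmap (AES128-SHA vs AES256-SHA) are not selected.
 * Returns the number of entries written to out. */
size_t select_explicit(const char *name, const struct toy_cipher **out,
                       size_t maxout)
{
    const struct toy_cipher *named = find_named(name);
    size_t n = 0;
    if (named == NULL)
        return 0;
    for (size_t i = 0; i < TABLE_LEN; i++) {
        const struct toy_cipher *c = &table[i];
        int exact = strcmp(c->name, name) == 0;
        int sibling = c->mask == named->mask && c->version != named->version;
        if ((exact || sibling) && n < maxout)
            out[n++] = c;
    }
    return n;
}

/* Pre-0.9.8b behaviour for comparison: the name acts as a pattern and every
 * entry with the same bitmap matches, whatever its protocol version. */
size_t select_by_mask(const char *name, const struct toy_cipher **out,
                      size_t maxout)
{
    const struct toy_cipher *named = find_named(name);
    size_t n = 0;
    if (named == NULL)
        return 0;
    for (size_t i = 0; i < TABLE_LEN; i++)
        if (table[i].mask == named->mask && n < maxout)
            out[n++] = &table[i];
    return n;
}

/* Count-only wrappers, convenient for checking the two rules side by side. */
size_t count_explicit(const char *name)
{
    const struct toy_cipher *sel[TABLE_LEN];
    return select_explicit(name, sel, TABLE_LEN);
}

size_t count_by_mask(const char *name)
{
    const struct toy_cipher *sel[TABLE_LEN];
    return select_by_mask(name, sel, TABLE_LEN);
}
```

     With this table, count_explicit("RC4-MD5") is 2 and
     count_explicit("AES256-SHA") is 1, whereas count_by_mask("AES256-SHA")
     is 2: the pattern rule is what let an AES256-only configuration
     silently admit AES128-SHA.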
| 2632 | ||||||
| 2633 | Changes b etween 0.9 .8b and 0. 9.8c [05 Sep 2006] | |||||
| 2634 | ||||||
| 2635 | *) Avoid PKCS #1 v 1.5 signat ure attack discovere d by Danie l Bleichen bacher | |||||
| 2636 | (CVE- 2006-4339) [Ben Lau rie and Go ogle Secur ity Team] | |||||
| 2637 | ||||||
| 2638 | *) Add A ES IGE and biIGE mod es. | |||||
| 2639 | [Ben Laurie] | |||||
| 2640 | ||||||
| 2641 | *) Chang e the Unix randomnes s entropy gathering to use pol l() when | |||||
| 2642 | possi ble instea d of selec t(), since the latte r has some | |||||
| 2643 | undes irable lim itations. | |||||
| 2644 | [Darr yl Miles v ia Richard Levitte a nd Bodo Mo eller] | |||||
| 2645 | ||||||
| 2646 | *) Disab le "ECCdra ft" cipher suites mor e thorough ly. Now s pecial | |||||
| 2647 | treat ment in ss l/ssl_ciph .s makes s ure that t hese ciphe rsuites | |||||
| 2648 | canno t be impli citly acti vated as p art of, e. g., the "A ES" alias. | |||||
| 2649 | Howev er, please upgrade t o OpenSSL 0.9.9[-dev ] for | |||||
| 2650 | non-e xperimenta l use of t he ECC cip hersuites to get TLS extension | |||||
| 2651 | suppo rt, which is require d for curv e and poin t format n egotiation | |||||
| 2652 | to av oid potent ial handsh ake proble ms. | |||||
| 2653 | [Bodo Moeller] | |||||
| 2654 | ||||||
| 2655 | *) Disab le rogue c iphersuite s: | |||||
| 2656 | ||||||
| 2657 | - SS Lv2 0x08 0 x00 0x80 ( "RC4-64-MD 5") | |||||
| 2658 | - SS Lv3/TLSv1 0x00 0x61 ("EXP1024- RC2-CBC-MD 5") | |||||
| 2659 | - SS Lv3/TLSv1 0x00 0x60 ("EXP1024- RC4-MD5") | |||||
| 2660 | ||||||
| 2661 | The l atter two were purpo rtedly fro m | |||||
| 2662 | draft -ietf-tls- 56-bit-cip hersuites- 0[01].txt, but do no t really | |||||
| 2663 | appea r there. | |||||
| 2664 | ||||||
| 2665 | Also deactivate the remai ning ciphe rsuites fr om | |||||
| 2666 | draft -ietf-tls- 56-bit-cip hersuites- 01.txt. T hese are j ust as | |||||
| 2667 | unoff icial, and the ID ha s long exp ired. | |||||
| 2668 | [Bodo Moeller] | |||||
| 2669 | ||||||
| 2670 | *) Fix R SA blindin g Heisenbu g (problem s sometime s occured on | |||||
| 2671 | dual- core machi nes) and o ther poten tial threa d-safety i ssues. | |||||
| 2672 | [Bodo Moeller] | |||||
| 2673 | ||||||
| 2674 | *) Add t he symmetr ic cipher Camellia ( 128-bit, 1 92-bit, 25 6-bit key | |||||
| 2675 | versi ons), whic h is now a vailable f or royalty -free use | |||||
| 2676 | (see http://inf o.isl.ntt. co.jp/cryp t/eng/info /chiteki.h tml). | |||||
| 2677 | Also, add Camel lia TLS ci phersuites from RFC 4132. | |||||
| 2678 | ||||||
| 2679 | To mi nimize cha nges betwe en patchle vels in th e OpenSSL 0.9.8 | |||||
| 2680 | serie s, Camelli a remains excluded f rom compil ation unle ss OpenSSL | |||||
| 2681 | is co nfigured w ith 'enabl e-camellia '. | |||||
| 2682 | [NTT] | |||||
| 2683 | ||||||
| 2684 | *) Disab le the pad ding bug c heck when compressio n is in us e. The pad ding | |||||
| 2685 | bug c heck assum es the fir st packet is of even length, t his is not | |||||
| 2686 | neces sarily tru e if compr esssion is enabled a nd can res ult in fal se | |||||
| 2687 | posit ives causi ng handsha ke failure . The actu al bug tes t is ancie nt | |||||
| 2688 | code so it is h oped that implementa tions will either ha ve fixed i t by | |||||
| 2689 | now o r any whic h still ha ve the bug do not su pport comp ression. | |||||
| 2690 | [Stev e Henson] | |||||
| 2691 | ||||||
| 2692 | Changes b etween 0.9 .8a and 0. 9.8b [04 May 2006] | |||||
| 2693 | ||||||
| 2694 | *) When applying a cipher ru le check t o see if s tring matc h is an ex plicit | |||||
| 2695 | ciphe r suite an d only mat ch that on e cipher s uite if it is. | |||||
| 2696 | [Stev e Henson] | |||||
| 2697 | ||||||
| 2698 | *) Link in manifes ts for VC+ + if neede d. | |||||
| 2699 | [Aust in Ziegler <halostat ue@gmail.c om>] | |||||
| 2700 | ||||||
| 2701 | *) Updat e support for ECC-ba sed TLS ci phersuites according to | |||||
| 2702 | draft -ietf-tls- ecc-12.txt with prop osed chang es (but wi thout | |||||
| 2703 | TLS e xtensions, which are supported starting with the 0 .9.9 | |||||
| 2704 | branc h, not in the OpenSS L 0.9.8 br anch). | |||||
| 2705 | [Doug las Stebil a] | |||||
| 2706 | ||||||
| 2707 | *) New f unctions E VP_CIPHER_ CTX_new() and EVP_CI PHER_CTX_f ree() to s upport | |||||
| 2708 | opaqu e EVP_CIPH ER_CTX han dling. | |||||
| 2709 | [Stev e Henson] | |||||
| 2710 | ||||||
| 2711 | *) Fixes and enhan cements to zlib comp ression co de. We now only use | |||||
| 2712 | "zlib 1.dll" and use the d efault __c decl calli ng convent ion on Win 32 | |||||
| 2713 | to co nform with the stand ards menti oned here: | |||||
| 2714 | http://ww w.zlib.net /DLL_FAQ.t xt | |||||
| 2715 | Stati c zlib lin king now w orks on Wi ndows and the new -- with-zlib- include | |||||
| 2716 | --wit h-zlib-lib options t o Configur e can be u sed to sup ply the lo cation | |||||
| 2717 | of th e headers and librar y. Gracefu lly handle case wher e zlib lib rary | |||||
| 2718 | can't be loaded . | |||||
| 2719 | [Stev e Henson] | |||||
| 2720 | ||||||
| 2721 | *) Sever al fixes a nd enhance ments to t he OID gen eration co de. The ol d code | |||||
| 2722 | somet imes allow ed invalid OIDs (1.X for X >= 40 for exa mple), cou ldn't | |||||
| 2723 | handl e numbers larger tha n ULONG_MA X, truncat ed printin g and had a | |||||
| 2724 | non s tandard OB J_obj2txt( ) behaviou r. | |||||
| 2725 | [Stev e Henson] | |||||
| 2726 | ||||||
  *) Add support for building of engines under engine/ as shared libraries
     under VC++ build system.
     [Steve Henson]

  *) Corrected the numerous bugs in the Win32 path splitter in DSO.
     Hopefully, we will not see any false combination of paths any more.
     [Richard Levitte]

 Changes between 0.9.8 and 0.9.8a  [11 Oct 2005]

  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
     (part of SSL_OP_ALL).  This option used to disable the
     countermeasure against man-in-the-middle protocol-version
     rollback in the SSL 2.0 server implementation, which is a bad
     idea.  (CVE-2005-2969)

     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
     for Information Security, National Institute of Advanced Industrial
     Science and Technology [AIST], Japan)]

  *) Add two functions to clear and return the verify parameter flags.
     [Steve Henson]

  *) Keep cipherlists sorted in the source instead of sorting them at
     runtime, thus removing the need for a lock.
     [Nils Larsch]

  *) Avoid some small subgroup attacks in Diffie-Hellman.
     [Nick Mathewson and Ben Laurie]

  *) Add functions for well-known primes.
     [Nick Mathewson]

  *) Extended Windows CE support.
     [Satoshi Nakamura and Andy Polyakov]

  *) Initialize SSL_METHOD structures at compile time instead of during
     runtime, thus removing the need for a lock.
     [Steve Henson]

  *) Make PKCS7_decrypt() work even if no certificate is supplied by
     attempting to decrypt each encrypted key in turn. Add support to
     smime utility.
     [Steve Henson]

 Changes between 0.9.7h and 0.9.8  [05 Jul 2005]

  [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
  OpenSSL 0.9.8.]

  *) Add libcrypto.pc and libssl.pc for those who feel they need them.
     [Richard Levitte]

  *) Change CA.sh and CA.pl so they don't bundle the CSR and the private
     key into the same file any more.
     [Richard Levitte]

  *) Add initial support for Win64, both IA64 and AMD64/x64 flavors.
     [Andy Polyakov]

  *) Add -utf8 command line and config file option to 'ca'.
     [Stefan <stf@udoma.org>]

  *) Removed the macro des_crypt(), as it seems to conflict with some
     libraries.  Use DES_crypt().
     [Richard Levitte]

  *) Correct naming of the 'chil' and '4758cca' ENGINEs. This
     involves renaming the source and generated shared-libs for
     both. The engines will accept the corrected or legacy ids
     ('ncipher' and '4758_cca' respectively) when binding. NB,
     this only applies when building 'shared'.
     [Corinna Vinschen <vinschen@redhat.com> and Geoff Thorpe]

  *) Add attribute functions to EVP_PKEY structure. Modify
     PKCS12_create() to recognize a CSP name attribute and
     use it. Make -CSP option work again in pkcs12 utility.
     [Steve Henson]

  *) Add new functionality to the bn blinding code:
     - automatic re-creation of the BN_BLINDING parameters after
       a fixed number of uses (currently 32)
     - add new function for parameter creation
     - introduce flags to control the update behaviour of the
       BN_BLINDING parameters
     - hide BN_BLINDING structure
     Add a second BN_BLINDING slot to the RSA structure to improve
     performance when a single RSA object is shared among several
     threads.
     [Nils Larsch]

  *) Add support for DTLS.
     [Nagendra Modadugu <nagendra@cs.stanford.edu> and Ben Laurie]

  *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
     to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
     [Walter Goulet]

  *) Remove buggy and incomplete DH cert support from
     ssl/ssl_rsa.c and ssl/s3_both.c
     [Nils Larsch]

  *) Use SHA-1 instead of MD5 as the default digest algorithm for
     the apps/openssl applications.
     [Nils Larsch]

  *) Compile clean with "-Wall -Wmissing-prototypes
     -Wstrict-prototypes -Wmissing-declarations -Werror". Currently
     DEBUG_SAFESTACK must also be set.
     [Ben Laurie]

  *) Change ./Configure so that certain algorithms can be disabled by default.
     The new counterpiece to "no-xxx" is "enable-xxx".

     The patented RC5 and MDC2 algorithms will now be disabled unless
     "enable-rc5" and "enable-mdc2", respectively, are specified.

     (IDEA remains enabled despite being patented.  This is because IDEA
     is frequently required for interoperability, and there is no license
     fee for non-commercial use.  As before, "no-idea" can be used to
     avoid this algorithm.)

     [Bodo Moeller]

  *) Add processing of proxy certificates (see RFC 3820).  This work was
     sponsored by KTH (The Royal Institute of Technology in Stockholm) and
     EGEE (Enabling Grids for E-science in Europe).
     [Richard Levitte]

  *) RC4 performance overhaul on modern architectures/implementations, such
     as Intel P4, IA-64 and AMD64.
     [Andy Polyakov]

  *) New utility extract-section.pl. This can be used to specify an alternative
     section number in a pod file instead of having to treat each file as
     a separate case in Makefile. This can be done by adding two lines to the
     pod file:

     =for comment openssl_section:XXX

     The blank line is mandatory.

     [Steve Henson]

  *) New arguments -certform, -keyform and -pass for s_client and s_server
     to allow alternative format key and certificate files and passphrase
     sources.
     [Steve Henson]

  *) New structure X509_VERIFY_PARAM which combines current verify parameters,
     update associated structures and add various utility functions.

     Add new policy related verify parameters, include policy checking in
     standard verify code. Enhance 'smime' application with extra parameters
     to support policy checking and print out.
     [Steve Henson]

  *) Add a new engine to support VIA PadLock ACE extensions in the VIA C3
     Nehemiah processors. These extensions support AES encryption in hardware
     as well as RNG (though RNG support is currently disabled).
     [Michal Ludvig <michal@logix.cz>, with help from Andy Polyakov]

  *) Deprecate BN_[get|set]_params() functions (they were ignored internally).
     [Geoff Thorpe]

  *) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented.
     [Andy Polyakov and a number of other people]

  *) Improved PowerPC platform support. Most notably BIGNUM assembler
     implementation contributed by IBM.
     [Suresh Chari, Peter Waltenberg, Andy Polyakov]

  *) The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public
     exponent rather than 'unsigned long'. There is a corresponding change to
     the new 'rsa_keygen' element of the RSA_METHOD structure.
     [Jelte Jansen, Geoff Thorpe]

  *) Functionality for creating the initial serial number file is now
     moved from CA.pl to the 'ca' utility with a new option -create_serial.

     (Before OpenSSL 0.9.7e, CA.pl used to initialize the serial
     number file to 1, which is bound to cause problems.  To avoid
     the problems while respecting compatibility between different 0.9.7
     patch levels, 0.9.7e employed 'openssl x509 -next_serial' in
     CA.pl for serial number initialization.  With the new release 0.9.8,
     we can fix the problem directly in the 'ca' utility.)
     [Steve Henson]

  *) Reduced header interdependencies by declaring more opaque objects in
     ossl_typ.h. As a consequence, including some headers (e.g. engine.h) will
     give fewer recursive includes, which could break lazy source code - so
     this change is covered by the OPENSSL_NO_DEPRECATED symbol. As always,
     developers should define this symbol when building and using openssl to
     ensure they track the recommended behaviour, interfaces, [etc], but
     backwards-compatible behaviour prevails when this isn't defined.
     [Geoff Thorpe]

  *) New function X509_POLICY_NODE_print() which prints out policy nodes.
     [Steve Henson]

  *) Add new EVP function EVP_CIPHER_CTX_rand_key and associated functionality.
     This will generate a random key of the appropriate length based on the
     cipher context. The EVP_CIPHER can provide its own random key generation
     routine to support keys of a specific form. This is used in the des and
     3des routines to generate a key of the correct parity. Update S/MIME
     code to use new functions and hence generate correct parity DES keys.
     Add EVP_CHECK_DES_KEY #define to return an error if the key is not
     valid (weak or incorrect parity).
     [Steve Henson]

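The parity and weak-key checks this entry describes, as an added example in C that is not OpenSSL's own implementation: odd-parity repair of a key, the published weak and semi-weak key table, a combined check in the spirit of EVP_CHECK_DES_KEY (parity first, then the table), and rand_key-style generation that forces parity and retries on a weak key. The function names, the verdict codes and the xorshift byte source are this example's own assumptions; the xorshift is a deterministic stand-in so the block runs offline, not a CSPRNG.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DES_KEY_SZ 8
enum { DES_KEY_OK = 0, DES_KEY_BAD_PARITY = 1, DES_KEY_WEAK = 2 };  /* verdicts */

/* 1 if the byte has an odd number of set bits; DES wants odd parity in every key byte. */
static int byte_has_odd_parity(unsigned char b)
{
    b ^= b >> 4; b ^= b >> 2; b ^= b >> 1;
    return b & 1;
}

/* Bit 0 of each byte is the parity bit; bits 1..7 carry the key material. */
void des_set_odd_parity(unsigned char key[DES_KEY_SZ])
{
    for (size_t i = 0; i < DES_KEY_SZ; i++) {
        unsigned char b = key[i] & 0xFE;
        key[i] = byte_has_odd_parity(b) ? b : (unsigned char)(b | 1);
    }
}

int des_check_key_parity(const unsigned char key[DES_KEY_SZ])
{
    for (size_t i = 0; i < DES_KEY_SZ; i++)
        if (!byte_has_odd_parity(key[i])) return 0;
    return 1;
}

/* The 4 weak and 12 semi-weak DES keys (the published table, already in odd parity). */
static const unsigned char weak_keys[16][DES_KEY_SZ] = {
    {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
    {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E}, {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
    {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE}, {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
    {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1}, {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
    {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1}, {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
    {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE}, {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
    {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E}, {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
    {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE}, {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1},
};

int des_is_weak_key(const unsigned char key[DES_KEY_SZ])
{
    for (size_t i = 0; i < 16; i++)
        if (memcmp(key, weak_keys[i], DES_KEY_SZ) == 0) return 1;
    return 0;
}

/* Parity is checked first, so a key with bad parity never reaches the weak-key lookup. */
int des_check_key(const unsigned char key[DES_KEY_SZ])
{
    if (!des_check_key_parity(key)) return DES_KEY_BAD_PARITY;
    return des_is_weak_key(key) ? DES_KEY_WEAK : DES_KEY_OK;
}

/* Repair parity on a copy of `in`, optionally hand it back in `out`, and return its verdict:
 * fixing parity is not enough on its own, the repaired key can still be in the weak table. */
int des_fix_and_check(const unsigned char in[DES_KEY_SZ], unsigned char out[DES_KEY_SZ])
{
    unsigned char tmp[DES_KEY_SZ];
    memcpy(tmp, in, DES_KEY_SZ);
    des_set_odd_parity(tmp);
    if (out != NULL) memcpy(out, tmp, DES_KEY_SZ);
    return des_check_key(tmp);
}

/* Random-key generation in the style the entry describes: draw bytes from the supplied
 * source, force odd parity, and retry when the result is a weak key. */
typedef void (*rand_fill_fn)(unsigned char *buf, size_t len);

int des_random_key(unsigned char key[DES_KEY_SZ], rand_fill_fn fill_random)
{
    for (int attempt = 0; attempt < 16; attempt++) {
        fill_random(key, DES_KEY_SZ);
        des_set_odd_parity(key);
        if (!des_is_weak_key(key)) return 1;
    }
    return 0;   /* practically unreachable with a sound RNG; a stuck source would trip it */
}

/* Deterministic xorshift64 stand-in so the example runs offline. Not a CSPRNG:
 * real key generation must draw from the library's RNG. */
static uint64_t placeholder_state = 0x9E3779B97F4A7C15ULL;   /* constructed seed */
static void placeholder_fill(unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        uint64_t x = placeholder_state;
        x ^= x << 13; x ^= x >> 7; x ^= x << 17;
        placeholder_state = x;
        buf[i] = (unsigned char)(x >> 56);
    }
}

/* Generate one key from the placeholder source and return its verdict (DES_KEY_OK expected). */
int des_random_key_selftest(void)
{
    unsigned char key[DES_KEY_SZ];
    return des_random_key(key, placeholder_fill) ? des_check_key(key) : -1;
}

/* Constructed sample keys: all zero (even parity everywhere, weak once repaired) and a good one. */
const unsigned char SAMPLE_ZERO_KEY[DES_KEY_SZ] = {0};
const unsigned char SAMPLE_GOOD_KEY[DES_KEY_SZ] = {0x13,0x34,0x57,0x79,0x9B,0xBC,0xDF,0xF1};
```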
| 2937 | *) Add a local set of CRLs t hat can be used by X 509_verify _cert() as well | 167 | *) Add a local set of CRLs t hat can be used by X 509_verify _cert() as well | |||
| 2938 | as lo oking them up. This is useful when the v erified st ructure ma y contain | 168 | as lo oking them up. This is useful when the v erified st ructure ma y contain | |||
| 2939 | CRLs, for examp le PKCS#7 signedData . Modify P KCS7_verif y() to use any CRLs | 169 | CRLs, for examp le PKCS#7 signedData . Modify P KCS7_verif y() to use any CRLs | |||
| 2940 | prese nt unless the new PK CS7_NO_CRL flag is a sserted. | 170 | prese nt unless the new PK CS7_NO_CRL flag is a sserted. | |||
| 2941 | [Stev e Henson] | 171 | [Stev e Henson] | |||
| 2942 | 172 | |||||
| 2943 | *) Exten d ASN1 oid configura tion modul e. It now additional ly accepts the | 173 | *) Exten d ASN1 oid configura tion modul e. It now additional ly accepts the | |||
| 2944 | synta x: | 174 | synta x: | |||
| 2945 | 175 | |||||
| 2946 | short Name = som e long nam e, 1.2.3.4 | 176 | short Name = som e long nam e, 1.2.3.4 | |||
| 2947 | [Stev e Henson] | 177 | [Stev e Henson] | |||
| 2948 | 178 | |||||
| 2949 | *) Reimp lemented t he BN_CTX implementa tion. Ther e is now n o more sta tic | 179 | *) Reimp lemented t he BN_CTX implementa tion. Ther e is now n o more sta tic | |||
| 2950 | limit ation on t he number of variabl es it can handle nor the depth of the | 180 | limit ation on t he number of variabl es it can handle nor the depth of the | |||
| 2951 | "stac k" handlin g for BN_C TX_start() /BN_CTX_en d() pairs. The stack | 181 | "stac k" handlin g for BN_C TX_start() /BN_CTX_en d() pairs. The stack | |||
| 2952 | infor mation can now expan d as requi red, and r ather than having a single | 182 | infor mation can now expan d as requi red, and r ather than having a single | |||
| 2953 | stati c array of bignums, BN_CTX now uses a li nked-list of such ar rays | 183 | stati c array of bignums, BN_CTX now uses a li nked-list of such ar rays | |||
| 2954 | allow ing it to expand on demand whi lst mainta ining the usefulness of | 184 | allow ing it to expand on demand whi lst mainta ining the usefulness of | |||
| 2955 | BN_CT X's "bundl ing". | 185 | BN_CT X's "bundl ing". | |||
| 2956 | [Geof f Thorpe] | 186 | [Geof f Thorpe] | |||
| 2957 | 187 | |||||
| 2958 | *) Add a missing B N_CTX para meter to t he 'rsa_mo d_exp' cal lback in R SA_METHOD | 188 | *) Add a missing B N_CTX para meter to t he 'rsa_mo d_exp' cal lback in R SA_METHOD | |||
| 2959 | to al low all RS A operatio ns to func tion using a single BN_CTX. | 189 | to al low all RS A operatio ns to func tion using a single BN_CTX. | |||
| 2960 | [Geof f Thorpe] | 190 | [Geof f Thorpe] | |||
| 2961 | 191 | |||||
| 2962 | *) Preli minary sup port for c ertificate policy ev aluation a nd checkin g. This | 192 | *) Preli minary sup port for c ertificate policy ev aluation a nd checkin g. This | |||
| 2963 | is in itially in tended to pass the t ests outli ned in "Co nformance Testing | 193 | is in itially in tended to pass the t ests outli ned in "Co nformance Testing | |||
| 2964 | of Re lying Part y Client C ertificate Path Proc essing Log ic" v1.07. | 194 | of Re lying Part y Client C ertificate Path Proc essing Log ic" v1.07. | |||
| 2965 | [Stev e Henson] | 195 | [Stev e Henson] | |||
| 2966 | 196 | |||||
| 2967 | *) bn_du p_expand() has been deprecated , it was i ntroduced in 0.9.7 a nd | 197 | *) bn_du p_expand() has been deprecated , it was i ntroduced in 0.9.7 a nd | |||
| 2968 | remai ned unused and not t hat useful . A variet y of other little bi gnum | 198 | remai ned unused and not t hat useful . A variet y of other little bi gnum | |||
| 2969 | tweak s and fixe s have als o been mad e continui ng on from the audit (see | 199 | tweak s and fixe s have als o been mad e continui ng on from the audit (see | |||
| 2970 | below ). | 200 | below ). | |||
| 2971 | [Geof f Thorpe] | 201 | [Geof f Thorpe] | |||
| 2972 | 202 | |||||
| 2973 | *) Const ify all or almost al l d2i, c2i , s2i and r2i functi ons, along with | 203 | *) Const ify all or almost al l d2i, c2i , s2i and r2i functi ons, along with | |||
| 2974 | assoc iated ASN1 , EVP and SSL functi ons and ol d ASN1 mac ros. | 204 | assoc iated ASN1 , EVP and SSL functi ons and ol d ASN1 mac ros. | |||
| 2975 | [Rich ard Levitt e] | 205 | [Rich ard Levitt e] | |||
| 2976 | 206 | |||||
| 2977 | *) BN_ze ro() only needs to s et 'top' a nd 'neg' t o zero for correct r esults, | 207 | *) BN_ze ro() only needs to s et 'top' a nd 'neg' t o zero for correct r esults, | |||
| 2978 | and t his should never fai l. So the return val ue from th e use of | 208 | and t his should never fai l. So the return val ue from th e use of | |||
| 2979 | BN_se t_word() ( which can fail due t o needless expansion ) is now d eprecated; | 209 | BN_se t_word() ( which can fail due t o needless expansion ) is now d eprecated; | |||
| 2980 | if OP ENSSL_NO_D EPRECATED is defined , BN_zero( ) is a voi d macro. | 210 | if OP ENSSL_NO_D EPRECATED is defined , BN_zero( ) is a voi d macro. | |||
| 2981 | [Geof f Thorpe] | 211 | [Geof f Thorpe] | |||
| 2982 | 212 | |||||
| 2983 | *) BN_CT X_get() sh ould retur n zero-val ued bignum s, providi ng the sam e | 213 | *) BN_CT X_get() sh ould retur n zero-val ued bignum s, providi ng the sam e | |||
| 2984 | initi alised val ue as BN_n ew(). | 214 | initi alised val ue as BN_n ew(). | |||
| 2985 | [Geof f Thorpe, suggested by Ulf Möl ler] | 215 | [Geof f Thorpe, suggested by Ulf Möl ler] | |||
| 2986 | 216 | |||||
| 2987 | *) Suppo rt for inh ibitAnyPol icy certif icate exte nsion. | 217 | *) Suppo rt for inh ibitAnyPol icy certif icate exte nsion. | |||
| 2988 | [Stev e Henson] | 218 | [Stev e Henson] | |||
| 2989 | 219 | |||||
| 2990 | *) An au dit of the BIGNUM co de is unde rway, for which debu gging code is | 220 | *) An au dit of the BIGNUM co de is unde rway, for which debu gging code is | |||
| 2991 | enabl ed when BN _DEBUG is defined. T his makes stricter e nforcement s on what | 221 | enabl ed when BN _DEBUG is defined. T his makes stricter e nforcement s on what | |||
| 2992 | is co nsidered v alid when processing BIGNUMs, and causes execution to | 222 | is co nsidered v alid when processing BIGNUMs, and causes execution to | |||
| 2993 | asser t() when a problem i s discover ed. If BN_ DEBUG_RAND is define d, | 223 | asser t() when a problem i s discover ed. If BN_ DEBUG_RAND is define d, | |||
| 2994 | furth er steps a re taken t o delibera tely pollu te unused data in BI GNUM | 224 | furth er steps a re taken t o delibera tely pollu te unused data in BI GNUM | |||
| 2995 | struc tures to t ry and exp ose faulty code furt her on. Fo r now, ope nssl will | 225 | struc tures to t ry and exp ose faulty code furt her on. Fo r now, ope nssl will | |||
| 2996 | (in i ts default mode of o peration) continue t o tolerate the incon sistent | 226 | (in i ts default mode of o peration) continue t o tolerate the incon sistent | |||
| 2997 | forms that it h as tolerat ed in the past, but authors an d packager s should | 227 | forms that it h as tolerat ed in the past, but authors an d packager s should | |||
| 2998 | consi der trying openssl a nd their o wn applica tions when compiled with | 228 | consi der trying openssl a nd their o wn applica tions when compiled with | |||
| 2999 | these debugging symbols d efined. It will help highlight potential bugs in | 229 | these debugging symbols d efined. It will help highlight potential bugs in | |||
| 3000 | their own code, and will improve th e test cov erage for OpenSSL it self. At | 230 | their own code, and will improve th e test cov erage for OpenSSL it self. At | |||
| 3001 | some point, the se tighter rules wil l become o penssl's d efault to improve | 231 | some point, the se tighter rules wil l become o penssl's d efault to improve | |||
| 3002 | maint ainability , though t he assert( )s and oth er overhea ds will re main only | 232 | maint ainability , though t he assert( )s and oth er overhea ds will re main only | |||
| 3003 | in de bugging co nfiguratio ns. See bn .h for mor e details. | 233 | in de bugging co nfiguratio ns. See bn .h for mor e details. | |||
| 3004 | [Geof f Thorpe, Nils Larsc h, Ulf Möl ler] | 234 | [Geof f Thorpe, Nils Larsc h, Ulf Möl ler] | |||
| 3005 | 235 | |||||
| 3006 | *) BN_CT X_init() h as been de precated, as BN_CTX is an opaq ue structu re | 236 | *) BN_CT X_init() h as been de precated, as BN_CTX is an opaq ue structu re | |||
| 3007 | that can only b e obtained through B N_CTX_new( ) (which i mplicitly | 237 | that can only b e obtained through B N_CTX_new( ) (which i mplicitly | |||
| 3008 | initi alises it) . The pres ence of th is functio n only mad e it possi ble | 238 | initi alises it) . The pres ence of th is functio n only mad e it possi ble | |||
| 3009 | to ov erwrite an existing structure (and cause memory le aks). | 239 | to ov erwrite an existing structure (and cause memory le aks). | |||
| 3010 | [Geof f Thorpe] | 240 | [Geof f Thorpe] | |||
| 3011 | 241 | |||||
| 3012 | *) Becau se of the callback-b ased appro ach for im plementing LHASH as a | 242 | *) Becau se of the callback-b ased appro ach for im plementing LHASH as a | |||
| 3013 | templ ate type, lh_insert( ) adds opa que object s to hash- tables and | 243 | templ ate type, lh_insert( ) adds opa que object s to hash- tables and | |||
| 3014 | lh_do all() or l h_doall_ar g() are ty pically us ed with a destructor callback | 244 | lh_do all() or l h_doall_ar g() are ty pically us ed with a destructor callback | |||
| 3015 | to cl ean up tho se corresp onding obj ects befor e destroyi ng the has h table | 245 | to cl ean up tho se corresp onding obj ects befor e destroyi ng the has h table | |||
| 3016 | (and losing the object po inters). S o some ove r-zealous constifica tions in | 246 | (and losing the object po inters). S o some ove r-zealous constifica tions in | |||
| 3017 | LHASH have been relaxed s o that lh_ insert() d oes not ta ke (nor st ore) the | 247 | LHASH have been relaxed s o that lh_ insert() d oes not ta ke (nor st ore) the | |||
| 3018 | objec ts as "con st" and th e lh_doall [_arg] cal lback wrap pers are n ot | 248 | objec ts as "con st" and th e lh_doall [_arg] cal lback wrap pers are n ot | |||
| 3019 | proto typed to h ave "const " restrict ions on th e object p ointers th ey are | 249 | proto typed to h ave "const " restrict ions on th e object p ointers th ey are | |||
| 3020 | given (and so a ren't requ ired to ca st them aw ay any mor e). | 250 | given (and so a ren't requ ired to ca st them aw ay any mor e). | |||
| 3021 | [Geof f Thorpe] | 251 | [Geof f Thorpe] | |||
| 3022 | 252 | |||||
| 3023 | *) The t mdiff.h AP I was so u gly and mi nimal that our own t iming util ity | 253 | *) The t mdiff.h AP I was so u gly and mi nimal that our own t iming util ity | |||
| 3024 | (spee d) prefers to use it s own impl ementation . The two implementa tions | 254 | (spee d) prefers to use it s own impl ementation . The two implementa tions | |||
| 3025 | haven 't been co nsolidated as yet (v olunteers? ) but the tmdiff API has had | 255 | haven 't been co nsolidated as yet (v olunteers? ) but the tmdiff API has had | |||
| 3026 | its o bject type properly exposed (M S_TM) inst ead of cas ting to/fr om "char | 256 | its o bject type properly exposed (M S_TM) inst ead of cas ting to/fr om "char | |||
| 3027 | *". This may still change yet if someone realises MS_TM and "ms_time_***" | 257 | *". This may still change yet if someone realises MS_TM and "ms_time_***" | |||
| 3028 | aren't necessarily the greatest nomenclatures - but this is what was used | 258 | aren't necessarily the greatest nomenclatures - but this is what was used | |||
| 3029 | internally to the implementation so I've used that for now. | 259 | internally to the implementation so I've used that for now. | |||
| 3030 | [Geoff Thorpe] | 260 | [Geoff Thorpe] | |||
| 3031 | 261 | |||||
| 3032 | *) Ensure that deprecated functions do not get compiled when | 262 | *) Ensure that deprecated functions do not get compiled when | |||
| 3033 | OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of | 263 | OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of | |||
| 3034 | the self-tests were still using deprecated key-generation functions so | 264 | the self-tests were still using deprecated key-generation functions so | |||
| 3035 | these have been updated also. | 265 | these have been updated also. | |||
| 3036 | [Geoff Thorpe] | 266 | [Geoff Thorpe] | |||
| 3037 | 267 | |||||
| 3038 | *) Reorganise PKCS#7 code to separate the digest location functionality | 268 | *) Reorganise PKCS#7 code to separate the digest location functionality | |||
| 3039 | into PKCS7_find_digest(), digest addition into PKCS7_bio_add_digest(). | 269 | into PKCS7_find_digest(), digest addition into PKCS7_bio_add_digest(). | |||
| 3040 | New function PKCS7_set_digest() to set the digest type for PKCS#7 | 270 | New function PKCS7_set_digest() to set the digest type for PKCS#7 | |||
| 3041 | digestedData type. Add additional code to correctly generate the | 271 | digestedData type. Add additional code to correctly generate the | |||
| 3042 | digestedData type and add support for this type in PKCS7 initialization | 272 | digestedData type and add support for this type in PKCS7 initialization | |||
| 3043 | functions. | 273 | functions. | |||
| 3044 | [Steve Henson] | 274 | [Steve Henson] | |||
| 3045 | 275 | |||||
| 3046 | *) New function PKCS7_set0_type_other(): this initializes a PKCS7 | 276 | *) New function PKCS7_set0_type_other(): this initializes a PKCS7 | |||
| 3047 | structure of type "other". | 277 | structure of type "other". | |||
| 3048 | [Steve Henson] | 278 | [Steve Henson] | |||
| 3049 | 279 | |||||
| 3050 | *) Fix prime generation loop in crypto/bn/bn_prime.pl by making | 280 | *) Fix prime generation loop in crypto/bn/bn_prime.pl by making | |||
| 3051 | sure the loop does correctly stop and breaking ("division by zero") | 281 | sure the loop does correctly stop and breaking ("division by zero") | |||
| 3052 | modulus operations are not performed. The (pre-generated) prime | 282 | modulus operations are not performed. The (pre-generated) prime | |||
| 3053 | table crypto/bn/bn_prime.h was already correct, but it could not be | 283 | table crypto/bn/bn_prime.h was already correct, but it could not be | |||
| 3054 | re-generated on some platforms because of the "division by zero" | 284 | re-generated on some platforms because of the "division by zero" | |||
| 3055 | situation in the script. | 285 | situation in the script. | |||
| 3056 | [Ralf S. Engelschall] | 286 | [Ralf S. Engelschall] | |||
| 3057 | 287 | |||||
| 3058 | *) Update support for ECC-based TLS ciphersuites according to | 288 | *) Update support for ECC-based TLS ciphersuites according to | |||
| 3059 | draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with | 289 | draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with | |||
| 3060 | SHA-1 now is only used for "small" curves (where the | 290 | SHA-1 now is only used for "small" curves (where the | |||
| 3061 | representation of a field element takes up to 24 bytes); for | 291 | representation of a field element takes up to 24 bytes); for | |||
| 3062 | larger curves, the field element resulting from ECDH is directly | 292 | larger curves, the field element resulting from ECDH is directly | |||
| 3063 | used as premaster secret. | 293 | used as premaster secret. | |||
| 3064 | [Douglas Stebila (Sun Microsystems Laboratories)] | 294 | [Douglas Stebila (Sun Microsystems Laboratories)] | |||
| 3065 | 295 | |||||
| 3066 | *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2 | 296 | *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2 | |||
| 3067 | curve secp160r1 to the tests. | 297 | curve secp160r1 to the tests. | |||
| 3068 | [Douglas Stebila (Sun Microsystems Laboratories)] | 298 | [Douglas Stebila (Sun Microsystems Laboratories)] | |||
| 3069 | 299 | |||||
| 3070 | *) Add the possibility to load symbols globally with DSO. | 300 | *) Add the possibility to load symbols globally with DSO. | |||
| 3071 | [Götz Babin-Ebell <babin-ebell@trustcenter.de> via Richard Levitte] | 301 | [Götz Babin-Ebell <babin-ebell@trustcenter.de> via Richard Levitte] | |||
| 3072 | 302 | |||||
| 3073 | *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better | 303 | *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better | |||
| 3074 | control of the error stack. | 304 | control of the error stack. | |||
| 3075 | [Richard Levitte] | 305 | [Richard Levitte] | |||
| 3076 | 306 | |||||
| 3077 | *) Add support for STORE in ENGINE. | 307 | *) Add support for STORE in ENGINE. | |||
| 3078 | [Richard Levitte] | 308 | [Richard Levitte] | |||
| 3079 | 309 | |||||
| 3080 | *) Add the STORE type. The intention is to provide a common interface | 310 | *) Add the STORE type. The intention is to provide a common interface | |||
| 3081 | to certificate and key stores, be they simple file-based stores, or | 311 | to certificate and key stores, be they simple file-based stores, or | |||
| 3082 | HSM-type store, or LDAP stores, or... | 312 | HSM-type store, or LDAP stores, or... | |||
| 3083 | NOTE: The code is currently UNTESTED and isn't really used anywhere. | 313 | NOTE: The code is currently UNTESTED and isn't really used anywhere. | |||
| 3084 | [Richard Levitte] | 314 | [Richard Levitte] | |||
| 3085 | 315 | |||||
| 3086 | *) Add a generic structure called OPENSSL_ITEM. This can be used to | 316 | *) Add a generic structure called OPENSSL_ITEM. This can be used to | |||
| 3087 | pass a list of arguments to any function as well as provide a way | 317 | pass a list of arguments to any function as well as provide a way | |||
| 3088 | for a function to pass data back to the caller. | 318 | for a function to pass data back to the caller. | |||
| 3089 | [Richard Levitte] | 319 | [Richard Levitte] | |||
| 3090 | 320 | |||||
| 3091 | *) Add the functions BUF_strndup() and BUF_memdup(). BUF_strndup() | 321 | *) Add the functions BUF_strndup() and BUF_memdup(). BUF_strndup() | |||
| 3092 | works like BUF_strdup() but can be used to duplicate a portion of | 322 | works like BUF_strdup() but can be used to duplicate a portion of | |||
| 3093 | a string. The copy gets NUL-terminated. BUF_memdup() duplicates | 323 | a string. The copy gets NUL-terminated. BUF_memdup() duplicates | |||
| 3094 | a memory area. | 324 | a memory area. | |||
| 3095 | [Richard Levitte] | 325 | [Richard Levitte] | |||
| 3096 | 326 | |||||
| 3097 | *) Add the function sk_find_ex() which works like sk_find(), but will | 327 | *) Add the function sk_find_ex() which works like sk_find(), but will | |||
| 3098 | return an index to an element even if an exact match couldn't be | 328 | return an index to an element even if an exact match couldn't be | |||
| 3099 | found. The index is guaranteed to point at the element where the | 329 | found. The index is guaranteed to point at the element where the | |||
| 3100 | searched-for key would be inserted to preserve sorting order. | 330 | searched-for key would be inserted to preserve sorting order. | |||
| 3101 | [Richard Levitte] | 331 | [Richard Levitte] | |||
| 3102 | 332 | |||||
| 3103 | *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but | 333 | *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but | |||
| 3104 | takes an extra flags argument for optional functionality. Currently, | 334 | takes an extra flags argument for optional functionality. Currently, | |||
| 3105 | the following flags are defined: | 335 | the following flags are defined: | |||
| 3106 | 336 | |||||
| 3107 | OBJ_BSEARCH_VALUE_ON_NOMATCH | 337 | OBJ_BSEARCH_VALUE_ON_NOMATCH | |||
| 3108 | This one gets OBJ_bsearch_ex() to return a pointer to the first | 338 | This one gets OBJ_bsearch_ex() to return a pointer to the first | |||
| 3109 | element where the comparing function returns a negative or zero | 339 | element where the comparing function returns a negative or zero | |||
| 3110 | number. | 340 | number. | |||
| 3111 | 341 | |||||
| 3112 | OBJ_BSEARCH_FIRST_VALUE_ON_MATCH | 342 | OBJ_BSEARCH_FIRST_VALUE_ON_MATCH | |||
| 3113 | This one gets OBJ_bsearch_ex() to return a pointer to the first | 343 | This one gets OBJ_bsearch_ex() to return a pointer to the first | |||
| 3114 | element where the comparing function returns zero. This is useful | 344 | element where the comparing function returns zero. This is useful | |||
| 3115 | if there is more than one element where the comparing function | 345 | if there is more than one element where the comparing function | |||
| 3116 | returns zero. | 346 | returns zero. | |||
| 3117 | [Richard Levitte] | 347 | [Richard Levitte] | |||
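The sk_find_ex() entry and the two OBJ_bsearch_ex() flags above describe variants of one binary search: returning the insertion point when there is no match, and returning the first of several equal elements rather than whichever one the probe happens to hit. The following is an added example, not OpenSSL's implementation, showing those semantics on a plain sorted C array with a bsearch(3)-style comparator; the flag names are shortened and the sample table is constructed for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>

/* Same meaning as the OBJ_BSEARCH_* flags described above (names shortened;
 * added example, not OpenSSL's code). */
#define BSEARCH_VALUE_ON_NOMATCH     0x01
#define BSEARCH_FIRST_VALUE_ON_MATCH 0x02

/*
 * Binary search over a sorted array of num elements of `size` bytes.
 * Returns a pointer into base, or NULL if nothing qualifies.
 *  - flags == 0: stop at whichever equal element the probe hits first
 *    (classic bsearch(3) behaviour, unspecified among duplicates).
 *  - FIRST_VALUE_ON_MATCH: return the first of several equal elements.
 *  - VALUE_ON_NOMATCH: when there is no equal element, return the first
 *    element for which cmp(key, elem) <= 0, i.e. the insertion point
 *    (NULL only if key sorts after every element).
 */
static const void *bsearch_ex(const void *key, const void *base, size_t num,
                              size_t size, int (*cmp)(const void *, const void *),
                              int flags)
{
    const char *b = (const char *)base;
    size_t lo = 0, hi = num;

    if (flags & BSEARCH_FIRST_VALUE_ON_MATCH) {
        /* lower bound: narrow down to the first element that is >= key */
        while (lo < hi) {
            size_t mid = lo + (hi - lo) / 2;
            if (cmp(key, b + mid * size) > 0)
                lo = mid + 1;
            else
                hi = mid;
        }
    } else {
        while (lo < hi) {
            size_t mid = lo + (hi - lo) / 2;
            int c = cmp(key, b + mid * size);
            if (c == 0)
                return b + mid * size;
            if (c > 0)
                lo = mid + 1;
            else
                hi = mid;
        }
    }
    /* lo is now the insertion point: every element before it is < key */
    if (lo < num && cmp(key, b + lo * size) == 0)
        return b + lo * size;
    if ((flags & BSEARCH_VALUE_ON_NOMATCH) && lo < num)
        return b + lo * size;
    return NULL;
}

static int cmp_int(const void *a, const void *b)
{
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* sk_find_ex() analogue for an int array: index of key if present (its
 * first copy), otherwise the index at which it would have to be inserted
 * to keep the array sorted (num if it belongs at the end). */
static size_t find_ex(const int *a, size_t num, int key)
{
    const int *p = bsearch_ex(&key, a, num, sizeof *a, cmp_int,
                              BSEARCH_VALUE_ON_NOMATCH | BSEARCH_FIRST_VALUE_ON_MATCH);
    return p != NULL ? (size_t)(p - a) : num;
}

/* Constructed sample table, sorted, with duplicate entries. */
static const int SAMPLE[] = { 2, 4, 4, 4, 7, 9 };
#define SAMPLE_LEN (sizeof SAMPLE / sizeof SAMPLE[0])

/* Search SAMPLE with the given flags; returns the index hit, or -1 for NULL. */
static long search_index(int key, int flags)
{
    const int *p = bsearch_ex(&key, SAMPLE, SAMPLE_LEN, sizeof SAMPLE[0], cmp_int, flags);
    return p != NULL ? (long)(p - SAMPLE) : -1;
}

int main(void)
{
    printf("4, plain          -> index %ld\n", search_index(4, 0));
    printf("4, first match    -> index %ld\n", search_index(4, BSEARCH_FIRST_VALUE_ON_MATCH));
    printf("5, plain          -> index %ld\n", search_index(5, 0));
    printf("5, value on nomatch -> index %ld\n", search_index(5, BSEARCH_VALUE_ON_NOMATCH));
    printf("find_ex(5)        -> %zu\n", find_ex(SAMPLE, SAMPLE_LEN, 5));
    return 0;
}
```

With the sample table the plain probe for 4 lands on the middle copy (index 3), the FIRST_VALUE_ON_MATCH search returns index 1, and searching for the absent 5 returns index 4 (the element 7, before which 5 would be inserted) only when VALUE_ON_NOMATCH is set.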
| 3118 | 348 | |||||
| 3119 | *) Make it possible to create self-signed certificates with 'openssl ca' | 349 | *) Make it possible to create self-signed certificates with 'openssl ca' | |||
| 3120 | in such a way that the self-signed certificate becomes part of the | 350 | in such a way that the self-signed certificate becomes part of the | |||
| 3121 | CA database and uses the same mechanisms for serial number generation | 351 | CA database and uses the same mechanisms for serial number generation | |||
| 3122 | as all other certificate signing. The new flag '-selfsign' enables | 352 | as all other certificate signing. The new flag '-selfsign' enables | |||
| 3123 | this functionality. Adapt CA.sh and CA.pl.in. | 353 | this functionality. Adapt CA.sh and CA.pl.in. | |||
| 3124 | [Richard Levitte] | 354 | [Richard Levitte] | |||
| 3125 | 355 | |||||
| 3126 | *) Add functionality to check the public key of a certificate request | 356 | *) Add functionality to check the public key of a certificate request | |||
| 3127 | against a given private key. This is useful to check that a certificate | 357 | against a given private key. This is useful to check that a certificate | |||
| 3128 | request can be signed by that key (self-signing). | 358 | request can be signed by that key (self-signing). | |||
| 3129 | [Richard Levitte] | 359 | [Richard Levitte] | |||
| 3130 | 360 | |||||
| 3131 | *) Make it possible to have multiple active certificates with the same | 361 | *) Make it possible to have multiple active certificates with the same | |||
| 3132 | subject in the CA index file. This is done only if the keyword | 362 | subject in the CA index file. This is done only if the keyword | |||
| 3133 | 'unique_subject' is set to 'no' in the main CA section (default | 363 | 'unique_subject' is set to 'no' in the main CA section (default | |||
| 3134 | if 'CA_default') of the configuration file. The value is saved | 364 | if 'CA_default') of the configuration file. The value is saved | |||
| 3135 | with the database itself in a separate index attribute file, | 365 | with the database itself in a separate index attribute file, | |||
| 3136 | named like the index file with '.attr' appended to the name. | 366 | named like the index file with '.attr' appended to the name. | |||
| 3137 | [Richard Levitte] | 367 | [Richard Levitte] | |||
| 3138 | 368 | |||||
| 3139 | *) Generate multi-valued AVAs using '+' notation in config files for | 369 | *) Generate multi-valued AVAs using '+' notation in config files for | |||
| 3140 | req and dirName. | 370 | req and dirName. | |||
| 3141 | [Steve Henson] | 371 | [Steve Henson] | |||
| 3142 | 372 | |||||
| 3143 | *) Support for nameConstraints certificate extension. | 373 | *) Support for nameConstraints certificate extension. | |||
| 3144 | [Steve Henson] | 374 | [Steve Henson] | |||
| 3145 | 375 | |||||
| 3146 | *) Support for policyConstraints certificate extension. | 376 | *) Support for policyConstraints certificate extension. | |||
| 3147 | [Steve Henson] | 377 | [Steve Henson] | |||
| 3148 | 378 | |||||
| 3149 | *) Support for policyMappings certificate extension. | 379 | *) Support for policyMappings certificate extension. | |||
| 3150 | [Steve Henson] | 380 | [Steve Henson] | |||
| 3151 | 381 | |||||
| 3152 | *) Make sure the default DSA_METHOD implementation only uses its | 382 | *) Make sure the default DSA_METHOD implementation only uses its | |||
| 3153 | dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL, | 383 | dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL, | |||
| 3154 | and change its own handlers to be NULL so as to remove unnecessary | 384 | and change its own handlers to be NULL so as to remove unnecessary | |||
| 3155 | indirection. This lets alternative implementations fall back to the | 385 | indirection. This lets alternative implementations fall back to the | |||
| 3156 | default implementation more easily. | 386 | default implementation more easily. | |||
| 3157 | [Geoff Thorpe] | 387 | [Geoff Thorpe] | |||
| 3158 | 388 | |||||
| 3159 | *) Support for directoryName in GeneralName related extensions | 389 | *) Support for directoryName in GeneralName related extensions | |||
| 3160 | in config files. | 390 | in config files. | |||
| 3161 | [Steve Henson] | 391 | [Steve Henson] | |||
| 3162 | 392 | |||||
| 3163 | *) Make it possible to link applications using Makefile.shared. | 393 | *) Make it possible to link applications using Makefile.shared. | |||
| 3164 | Make that possible even when linking against static libraries! | 394 | Make that possible even when linking against static libraries! | |||
| 3165 | [Richard Levitte] | 395 | [Richard Levitte] | |||
| 3166 | 396 | |||||
| 3167 | *) Support for single pass processing for S/MIME signing. This now | 397 | *) Support for single pass processing for S/MIME signing. This now | |||
| 3168 | means that S/MIME signing can be done from a pipe; in addition, | 398 | means that S/MIME signing can be done from a pipe; in addition, | |||
| 3169 | cleartext signing (multipart/signed type) is effectively streaming | 399 | cleartext signing (multipart/signed type) is effectively streaming | |||
| 3170 | and the signed data does not need to be all held in memory. | 400 | and the signed data does not need to be all held in memory. | |||
| 3171 | 401 | |||||
| 3172 | This is done with a new flag PKCS7_STREAM. When this flag is set | 402 | This is done with a new flag PKCS7_STREAM. When this flag is set | |||
| 3173 | PKCS7_sign() only initializes the PKCS7 structure and the actual signing | 403 | PKCS7_sign() only initializes the PKCS7 structure and the actual signing | |||
| 3174 | is done after the data is output (and digests calculated) in | 404 | is done after the data is output (and digests calculated) in | |||
| 3175 | SMIME_write_PKCS7(). | 405 | SMIME_write_PKCS7(). | |||
| 3176 | [Steve Henson] | 406 | [Steve Henson] | |||
| 3177 | 407 | |||||
| 3178 | *) Add full support for -rpath/-R, both in shared libraries and | 408 | *) Add full support for -rpath/-R, both in shared libraries and | |||
| 3179 | applications, at least on the platforms where it's known how | 409 | applications, at least on the platforms where it's known how | |||
| 3180 | to do it. | 410 | to do it. | |||
| 3181 | [Richard Levitte] | 411 | [Richard Levitte] | |||
| 3182 | 412 | |||||
| 3183 | *) In crypto/ec/ec_mult.c, implement fast point multiplication with | 413 | *) In crypto/ec/ec_mult.c, implement fast point multiplication with | |||
| 3184 | precomputation, based on wNAF splitting: EC_GROUP_precompute_mult() | 414 | precomputation, based on wNAF splitting: EC_GROUP_precompute_mult() | |||
| 3185 | will now compute a table of multiples of the generator that | 415 | will now compute a table of multiples of the generator that | |||
| 3186 | makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul() | 416 | makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul() | |||
| 3187 | faster (notably in the case of a single point multiplication, | 417 | faster (notably in the case of a single point multiplication, | |||
| 3188 | scalar * generator). | 418 | scalar * generator). | |||
| 3189 | [Nils Larsch, Bodo Moeller] | 419 | [Nils Larsch, Bodo Moeller] | |||
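As an added example (not OpenSSL's ec_mult.c), the recoding step named above, wNAF splitting, together with the precomputed table of odd multiples it is paired with. The group operations are stand-ins (integers mod a constant under addition, so the result can be checked against ordinary multiplication); the recoding and the table-driven double-and-add loop are the actual technique.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example, not OpenSSL's ec_mult.c.  Toy stand-in for the EC group:
 * the integers mod TOY_N under addition.  "Point addition" is modular
 * addition, doubling is adding a point to itself, negation is TOY_N - p.
 * Only these three operations are fake; the recoding and the table-driven
 * loop are the real technique. */
#define TOY_N 1000003u
#define MAX_DIGITS 65        /* a 64-bit scalar can need one extra digit */

static uint64_t pt_add(uint64_t a, uint64_t b) { return (a + b) % TOY_N; }
static uint64_t pt_neg(uint64_t a) { return a == 0 ? 0 : TOY_N - a; }

/* Recode k (k < 2^63, 2 <= w <= 7) into width-w NAF digits, least
 * significant first.  Each digit is 0 or odd with |d| < 2^(w-1), and any w
 * consecutive digits hold at most one nonzero.  Returns the count, or -1. */
static int wnaf(uint64_t k, int w, int8_t *d, int max)
{
    uint64_t window = (uint64_t)1 << w;
    int n = 0;
    if (w < 2 || w > 7 || k >= ((uint64_t)1 << 63))
        return -1;
    while (k != 0) {
        int8_t digit = 0;
        if (n >= max)
            return -1;
        if (k & 1) {
            uint64_t r = k & (window - 1);               /* k mod 2^w */
            if (r >= window / 2) {                       /* use the negative residue */
                digit = (int8_t)((int64_t)r - (int64_t)window);
                k += window - r;
            } else {
                digit = (int8_t)r;
                k -= r;
            }                    /* k is now a multiple of 2^w: w-1 zero digits follow */
        }
        d[n++] = digit;
        k >>= 1;
    }
    return n;
}

/* Number of nonzero digits (= group additions needed), or -1 on error. */
static int wnaf_weight(uint64_t k, int w)
{
    int8_t d[MAX_DIGITS];
    int n = wnaf(k, w, d, MAX_DIGITS), weight = 0;
    for (int i = 0; i < n; i++)
        weight += d[i] != 0;
    return n < 0 ? -1 : weight;
}

/* Check sum(d_i * 2^i) == k plus the digit range and spacing rules. */
static int wnaf_valid(uint64_t k, int w)
{
    int8_t d[MAX_DIGITS];
    int n = wnaf(k, w, d, MAX_DIGITS), last = -w;
    uint64_t acc = 0;
    if (n < 0)
        return 0;
    for (int i = n - 1; i >= 0; i--)                     /* Horner, mod 2^64 */
        acc = acc * 2 + (uint64_t)(int64_t)d[i];
    for (int i = 0; i < n; i++) {
        if (d[i] == 0)
            continue;
        if ((d[i] & 1) == 0 || abs(d[i]) >= (1 << (w - 1)) || i - last < w)
            return 0;
        last = i;
    }
    return acc == k;
}

/* Precompute the odd multiples G, 3G, ..., (2^(w-1)-1)G: 2^(w-2) entries. */
static void precompute(uint64_t g, int w, uint64_t *tbl)
{
    uint64_t twog = pt_add(g, g);
    tbl[0] = g;
    for (int j = 1; j < (1 << (w - 2)); j++)
        tbl[j] = pt_add(tbl[j - 1], twog);
}

/* k*G: one doubling per digit, one add (or subtract) per nonzero digit. */
static uint64_t mul_wnaf(uint64_t k, uint64_t g, int w)
{
    int8_t d[MAX_DIGITS];
    uint64_t tbl[32], acc = 0;                           /* 32 = 2^(7-2) */
    int n = wnaf(k, w, d, MAX_DIGITS);
    if (n < 0)
        return (uint64_t)-1;
    precompute(g, w, tbl);
    for (int i = n - 1; i >= 0; i--) {
        acc = pt_add(acc, acc);
        if (d[i] != 0) {
            uint64_t p = tbl[abs(d[i]) / 2];             /* (2j+1)G is at index j */
            acc = pt_add(acc, d[i] > 0 ? p : pt_neg(p));
        }
    }
    return acc;
}

/* Reference k*G computed directly in the toy group. */
static uint64_t mul_ref(uint64_t k, uint64_t g) { return (k % TOY_N) * (g % TOY_N) % TOY_N; }

int main(void)
{
    uint64_t k = 0x0123456789ABCDEFull, g = 4711;
    for (int w = 2; w <= 6; w++)
        printf("w=%d: %2d additions, %s\n", w, wnaf_weight(k, w),
               mul_wnaf(k, g, w) == mul_ref(k, g) ? "matches reference" : "MISMATCH");
    return 0;
}
```

The table for window w holds the 2^(w-2) odd multiples G, 3G, ..., (2^(w-1)-1)G, and the recoding guarantees at most one nonzero digit per w positions, which is how a larger window trades table size for fewer additions. In a real EC group the negative digits cost nothing extra because point negation is free, which is why the signed digit set is used at all.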
| 3190 | 420 | |||||
| 3191 | *) IPv6 support for certificate extensions. The various extensions | 421 | *) IPv6 support for certificate extensions. The various extensions | |||
| 3192 | which use the IP:a.b.c.d can now take IPv6 addresses using the | 422 | which use the IP:a.b.c.d can now take IPv6 addresses using the | |||
| 3193 | formats of RFC1884 2.2. IPv6 addresses are now also displayed | 423 | formats of RFC1884 2.2. IPv6 addresses are now also displayed | |||
| 3194 | correctly. | 424 | correctly. | |||
| 3195 | [Steve Henson] | 425 | [Steve Henson] | |||
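An added example (not OpenSSL's code) of what "IPv6 support for certificate extensions" has to handle on input: a parser for the RFC 1884 section 2.2 textual forms (full, "::" compressed, and IPv4-embedded) that produces the 16 octets stored in the extension and rejects malformed input instead of truncating it. The addresses used below are the examples from that RFC section plus some constructed invalid ones.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not OpenSSL code: parser for the RFC 1884 section 2.2
 * textual IPv6 forms (full, "::" compressed, and the mixed form ending in a
 * dotted IPv4 address) producing the 16 octets an IP: extension value
 * carries.  Malformed input is rejected rather than silently truncated. */

static int hexval(int c) { return isdigit(c) ? c - '0' : tolower(c) - 'a' + 10; }

/* Dotted quad -> 4 octets; must consume the whole string. */
static int parse_ipv4(const char *s, unsigned char out[4])
{
    for (int i = 0; i < 4; i++) {
        char *end;
        long v;
        if (!isdigit((unsigned char)*s)) return 0;
        v = strtol(s, &end, 10);
        if (v > 255 || end - s > 3) return 0;
        out[i] = (unsigned char)v;
        s = end;
        if (i < 3 && *s++ != '.') return 0;
    }
    return *s == '\0';
}

/* Text -> 16 octets.  Returns 1 on success, 0 on malformed input. */
static int parse_ipv6(const char *s, unsigned char out[16])
{
    unsigned groups[8];
    int n = 0, gap = -1;                          /* gap: group index of "::" */

    if (s[0] == ':') {                            /* a leading colon must be "::" */
        if (s[1] != ':') return 0;
        gap = 0;
        s += 2;
    }
    while (*s != '\0') {
        unsigned v = 0;
        int len = 0;
        if (strchr(s, '.') != NULL && strchr(s, ':') == NULL) {
            unsigned char v4[4];                  /* trailing dotted quad = last two groups */
            if (n > 6 || !parse_ipv4(s, v4)) return 0;
            groups[n++] = (unsigned)v4[0] << 8 | v4[1];
            groups[n++] = (unsigned)v4[2] << 8 | v4[3];
            break;
        }
        while (isxdigit((unsigned char)*s) && len < 5) {
            v = v * 16 + (unsigned)hexval((unsigned char)*s++);
            len++;
        }
        if (len == 0 || len > 4 || n == 8) return 0;     /* bad group, or too many */
        groups[n++] = v;
        if (*s == ':') {
            if (*++s == ':') {                    /* "::" is allowed once */
                if (gap != -1) return 0;
                gap = n;
                s++;
            } else if (*s == '\0') {
                return 0;                         /* trailing single colon */
            }
        } else if (*s != '\0') {
            return 0;                             /* junk after a group */
        }
    }
    if (gap == -1 && n != 8) return 0;            /* uncompressed form needs 8 groups */
    if (gap != -1 && n >= 8) return 0;            /* "::" must cover at least one group */

    memset(out, 0, 16);
    for (int i = 0; i < n; i++) {                 /* groups after "::" are right-aligned */
        int pos = (gap == -1 || i < gap) ? i : 8 - (n - i);
        out[2 * pos] = (unsigned char)(groups[i] >> 8);
        out[2 * pos + 1] = (unsigned char)groups[i];
    }
    return 1;
}

/* Parse text and compare with the expected 16 octets given as 32 hex digits. */
static int ipv6_is(const char *text, const char *hex)
{
    unsigned char got[16], want[16];
    if (strlen(hex) != 32 || !parse_ipv6(text, got)) return 0;
    for (int i = 0; i < 16; i++)
        want[i] = (unsigned char)(hexval(hex[2 * i]) * 16 + hexval(hex[2 * i + 1]));
    return memcmp(got, want, 16) == 0;
}

static int ipv6_rejected(const char *text)
{
    unsigned char b[16];
    return !parse_ipv6(text, b);
}

int main(void)
{
    const char *in[] = { "1080::8:800:200C:417A", "::FFFF:129.144.52.38", "1::2::3" };
    for (int i = 0; i < 3; i++) {
        unsigned char b[16];
        printf("%-22s -> ", in[i]);
        if (!parse_ipv6(in[i], b)) { puts("rejected"); continue; }
        for (int j = 0; j < 16; j++) printf("%02x", b[j]);
        putchar('\n');
    }
    return 0;
}
```

The checks that matter for an extension parser are the ones that refuse input: a second "::", a group longer than four hex digits, too few or too many groups, and a "::" that would stand for zero groups. Each of those would otherwise yield a 16-octet value that does not mean what the text said.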
| 3196 | 426 | |||||
| 3197 | *) Added an ENGINE that implements RSA by performing private key | 427 | *) Added an ENGINE that implements RSA by performing private key | |||
| 3198 | exponentiations with the GMP library. The conversions to and from | 428 | exponentiations with the GMP library. The conversions to and from | |||
| 3199 | GMP's mpz_t format aren't optimised nor are any Montgomery forms | 429 | GMP's mpz_t format aren't optimised nor are any Montgomery forms | |||
| 3200 | cached, and on x86 it appears OpenSSL's own performance has caught up. | 430 | cached, and on x86 it appears OpenSSL's own performance has caught up. | |||
| 3201 | However there are likely to be other architectures where GMP could | 431 | However there are likely to be other architectures where GMP could | |||
| 3202 | provide a boost. This ENGINE is not built in by default, but it can be | 432 | provide a boost. This ENGINE is not built in by default, but it can be | |||
| 3203 | specified at Configure time and should be accompanied by the necessary | 433 | specified at Configure time and should be accompanied by the necessary | |||
| 3204 | linker additions, e.g.: | 434 | linker additions, e.g.: | |||
| 3205 | ./config -DOPENSSL_USE_GMP -lgmp | 435 | ./config -DOPENSSL_USE_GMP -lgmp | |||
| 3206 | [Geoff Thorpe] | 436 | [Geoff Thorpe] | |||
| 3207 | 437 | |||||
| 3208 | *) "openssl engine" will not display ENGINE/DSO load failure errors when | 438 | *) "openssl engine" will not display ENGINE/DSO load failure errors when | |||
| 3209 | testing availability of engines with "-t" - the old behaviour is | 439 | testing availability of engines with "-t" - the old behaviour is | |||
| 3210 | produced by increasing the feature's verbosity with "-tt". | 440 | produced by increasing the feature's verbosity with "-tt". | |||
| 3211 | [Geoff Thorpe] | 441 | [Geoff Thorpe] | |||
| 3212 | 442 | |||||
| 3213 | *) ECDSA routines: under certain error conditions uninitialized BN objects | 443 | *) ECDSA routines: under certain error conditions uninitialized BN objects | |||
| 3214 | could be freed. Solution: make sure initialization is performed early | 444 | could be freed. Solution: make sure initialization is performed early | |||
| 3215 | enough. (Reported and fix supplied by Nils Larsch <nla@trustcenter.de> | 445 | enough. (Reported and fix supplied by Nils Larsch <nla@trustcenter.de> | |||
| 3216 | via PR#459) | 446 | via PR#459) | |||
| 3217 | [Lutz Jaenicke] | 447 | [Lutz Jaenicke] | |||
| 3218 | 448 | |||||
| 3219 | *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD | 449 | *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD | |||
| 3220 | and DH_METHOD (e.g. by ENGINE implementations) to override the normal | 450 | and DH_METHOD (e.g. by ENGINE implementations) to override the normal | |||
| 3221 | software implementations. For DSA and DH, parameter generation can | 451 | software implementations. For DSA and DH, parameter generation can | |||
| 3222 | also be overridden by providing the appropriate method callbacks. | 452 | also be overridden by providing the appropriate method callbacks. | |||
| 3223 | [Geoff Thorpe] | 453 | [Geoff Thorpe] | |||
| 3224 | 454 | |||||
| 3225 | *) Change the "progress" mechanism used in key-generation and | 455 | *) Change the "progress" mechanism used in key-generation and | |||
| 3226 | primality testing to functions that take a new BN_GENCB pointer in | 456 | primality testing to functions that take a new BN_GENCB pointer in | |||
| 3227 | place of callback/argument pairs. The new API functions have "_ex" | 457 | place of callback/argument pairs. The new API functions have "_ex" | |||
| 3228 | postfixes and the older functions are reimplemented as wrappers for | 458 | postfixes and the older functions are reimplemented as wrappers for | |||
| 3229 | the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide | 459 | the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide | |||
| 3230 | declarations of the old functions to help (graceful) attempts to | 460 | declarations of the old functions to help (graceful) attempts to | |||
| 3231 | migrate to the new functions. Also, the new key-generation API | 461 | migrate to the new functions. Also, the new key-generation API | |||
| 3232 | functions operate on a caller-supplied key-structure and return | 462 | functions operate on a caller-supplied key-structure and return | |||
| 3233 | success/failure rather than returning a key or NULL - this is to | 463 | success/failure rather than returning a key or NULL - this is to | |||
| 3234 | help make "keygen" another member function of RSA_METHOD etc. | 464 | help make "keygen" another member function of RSA_METHOD etc. | |||
| 3235 | 465 | |||||
| 3236 | Example for using the new callback interface: | 466 | Example for using the new callback interface: | |||
| 3237 | 467 | |||||
| 3238 | int (*my_callback)(int a, int b, BN_GENCB *cb) = ...; | 468 | int (*my_callback)(int a, int b, BN_GENCB *cb) = ...; | |||
| 3239 | void *my_arg = ...; | 469 | void *my_arg = ...; | |||
| 3240 | BN_GENCB my_cb; | 470 | BN_GENCB my_cb; | |||
| 3241 | 471 | |||||
| 3242 | BN_GENCB_set(&my_cb, my_callback, my_arg); | 472 | BN_GENCB_set(&my_cb, my_callback, my_arg); | |||
| 3243 | 473 | |||||
| 3244 | return BN_is_prime_ex(some_bignum, BN_prime_checks, NULL, &my_cb); | 474 | return BN_is_prime_ex(some_bignum, BN_prime_checks, NULL, &my_cb); | |||
| 3245 | /* For the meaning of a, b in calls to my_callback(), see the | 475 | /* For the meaning of a, b in calls to my_callback(), see the | |||
| 3246 | * documentation of the function that calls the callback. | 476 | * documentation of the function that calls the callback. | |||
| 3247 | * cb will point to my_cb; my_arg can be retrieved as cb->arg. | 477 | * cb will point to my_cb; my_arg can be retrieved as cb->arg. | |||
| 3248 | * my_callback should return 1 if it wants BN_is_prime_ex() | 478 | * my_callback should return 1 if it wants BN_is_prime_ex() | |||
| 3249 | * to continue, or 0 to stop. | 479 | * to continue, or 0 to stop. | |||
| 3250 | */ | 480 | */ | |||
| 3251 | 481 | |||||
| 3252 | [Geoff Thorpe] | 482 | [Geoff Thorpe] | |||
| 3253 | 483 | |||||
| 3254 | *) Change the ZLIB compression method to be stateful, and make it | 484 | *) Change the ZLIB compression method to be stateful, and make it | |||
| 3255 | available to TLS with the number defined in | 485 | available to TLS with the number defined in | |||
| 3256 | draft-ietf-tls-compression-04.txt. | 486 | draft-ietf-tls-compression-04.txt. | |||
| 3257 | [Richard Levitte] | 487 | [Richard Levitte] | |||
| 3258 | 488 | |||||
| 3259 | *) Add the ASN.1 structures and functions for CertificatePair, which | 489 | *) Add the ASN.1 structures and functions for CertificatePair, which | |||
| 3260 | is defined as follows (according to X.509_4thEditionDraftV6.pdf): | 490 | is defined as follows (according to X.509_4thEditionDraftV6.pdf): | |||
| 3261 | 491 | |||||
| 3262 | CertificatePair ::= SEQUENCE { | 492 | CertificatePair ::= SEQUENCE { | |||
| 3263 | forward [0] Certificate OPTIONAL, | 493 | forward [0] Certificate OPTIONAL, | |||
| 3264 | reverse [1] Certificate OPTIONAL, | 494 | reverse [1] Certificate OPTIONAL, | |||
| 3265 | -- at least one of the pair shall be present -- } | 495 | -- at least one of the pair shall be present -- } | |||
| 3266 | 496 | |||||
| 3267 | Also implement the PEM functions to read and write certificate | 497 | Also implement the PEM functions to read and write certificate | |||
| 3268 | pairs, and define the PEM tag as "CERTIFICATE PAIR". | 498 | pairs, and define the PEM tag as "CERTIFICATE PAIR". | |||
| 3269 | 499 | |||||
| 3270 | This needed to be defined, mostly for the sake of the LDAP | 500 | This needed to be defined, mostly for the sake of the LDAP | |||
| 3271 | attribute crossCertificatePair, but may prove useful elsewhere as | 501 | attribute crossCertificatePair, but may prove useful elsewhere as | |||
| 3272 | well. | 502 | well. | |||
| 3273 | [Richard Levitte] | 503 | [Richard Levitte] | |||
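An added example, not OpenSSL's ASN.1 code: a small DER encoder and decoder for the CertificatePair SEQUENCE defined above, treating each Certificate as an opaque DER blob and enforcing the "at least one of the pair shall be present" constraint on decode. The sample certificates are constructed stand-ins (a SEQUENCE around one INTEGER), and the [0] and [1] tags are assumed to be EXPLICIT, as the X.509 module uses them.

```c
#include <stddef.h>
#include <string.h>

/* Added example, not OpenSSL code: DER encode/decode of the CertificatePair
 * SEQUENCE above.  Certificates are opaque DER blobs (any SEQUENCE); the
 * [0]/[1] tags are assumed EXPLICIT as in the X.509 module, so a present
 * member is wrapped in a constructed context tag (0xA0 / 0xA1). */

/* Write tag + minimal definite length (<= 0xFFFF) + value; returns size. */
static size_t der_put(unsigned char *out, unsigned char tag, const unsigned char *val, size_t len)
{
    size_t i = 0;
    out[i++] = tag;
    if (len < 0x80) out[i++] = (unsigned char)len;
    else if (len < 0x100) { out[i++] = 0x81; out[i++] = (unsigned char)len; }
    else { out[i++] = 0x82; out[i++] = (unsigned char)(len >> 8); out[i++] = (unsigned char)len; }
    memcpy(out + i, val, len);
    return i + len;
}

/* Read one TLV; returns bytes consumed, 0 on error.  Indefinite and
 * non-minimal lengths are rejected, as a DER parser must. */
static size_t der_get(const unsigned char *in, size_t inlen, unsigned char *tag,
                      const unsigned char **val, size_t *vlen)
{
    size_t len, hdr;
    if (inlen < 2) return 0;
    if (in[1] < 0x80) { len = in[1]; hdr = 2; }
    else if (in[1] == 0x81 && inlen >= 3 && in[2] >= 0x80) { len = in[2]; hdr = 3; }
    else if (in[1] == 0x82 && inlen >= 4 && in[2] != 0) { len = ((size_t)in[2] << 8) | in[3]; hdr = 4; }
    else return 0;
    if (len > inlen - hdr) return 0;              /* value would overrun the buffer */
    *tag = in[0]; *val = in + hdr; *vlen = len;
    return hdr + len;
}

/* Either member may be NULL but not both ("at least one shall be present").
 * Returns the DER length, 0 on error. */
static size_t cert_pair_encode(const unsigned char *fwd, size_t fwdlen,
                               const unsigned char *rev, size_t revlen,
                               unsigned char *out, size_t outcap)
{
    unsigned char body[1024];
    size_t n = 0;
    if ((fwd == NULL && rev == NULL) || fwdlen + revlen + 8 > sizeof body) return 0;
    if (fwd != NULL) n += der_put(body + n, 0xA0, fwd, fwdlen);   /* forward [0] */
    if (rev != NULL) n += der_put(body + n, 0xA1, rev, revlen);   /* reverse [1] */
    return n + 4 <= outcap ? der_put(out, 0x30, body, n) : 0;
}

/* Decode; members point into `in` (NULL when absent).  Rejects trailing
 * bytes, out-of-order, repeated or unknown members and the empty pair. */
static int cert_pair_decode(const unsigned char *in, size_t inlen,
                            const unsigned char **fwd, size_t *fwdlen,
                            const unsigned char **rev, size_t *revlen)
{
    unsigned char tag, t, ct;
    const unsigned char *v, *cv, *cc;
    size_t vlen, clen, ccl, used, cu;
    int next = 0;                                 /* lowest tag number still allowed */

    *fwd = *rev = NULL;
    *fwdlen = *revlen = 0;
    used = der_get(in, inlen, &tag, &v, &vlen);
    if (used == 0 || used != inlen || tag != 0x30) return 0;
    while (vlen > 0) {
        if ((cu = der_get(v, vlen, &t, &cv, &clen)) == 0) return 0;
        /* the explicit wrapper must hold exactly one Certificate SEQUENCE */
        if (clen == 0 || der_get(cv, clen, &ct, &cc, &ccl) != clen || ct != 0x30) return 0;
        if (t == 0xA0 && next == 0) { *fwd = cv; *fwdlen = clen; next = 1; }
        else if (t == 0xA1 && next <= 1) { *rev = cv; *revlen = clen; next = 2; }
        else return 0;
        v += cu; vlen -= cu;
    }
    return *fwd != NULL || *rev != NULL;
}

/* Constructed stand-ins for DER Certificates (SEQUENCE { INTEGER }), and
 * hand-built inputs: empty pair, reverse-before-forward, trailing byte. */
static const unsigned char CERT_A[] = { 0x30, 0x03, 0x02, 0x01, 0x0A };
static const unsigned char CERT_B[] = { 0x30, 0x03, 0x02, 0x01, 0x0B };
static const unsigned char PAIR_EMPTY[] = { 0x30, 0x00 };
static const unsigned char PAIR_REVERSED[] = { 0x30, 0x0E, 0xA1, 0x05, 0x30, 0x03, 0x02, 0x01, 0x0B,
                                               0xA0, 0x05, 0x30, 0x03, 0x02, 0x01, 0x0A };
static const unsigned char PAIR_TRAILING[] = { 0x30, 0x07, 0xA0, 0x05, 0x30, 0x03, 0x02, 0x01, 0x0A, 0x00 };

static int decode_ok(const unsigned char *buf, size_t len)
{
    const unsigned char *f, *r;
    size_t fl, rl;
    return cert_pair_decode(buf, len, &f, &fl, &r, &rl);
}

/* Encode the chosen members and decode again: 1 = round trip matches,
 * 0 = encoder refused, -1 = decoder failed or returned different content. */
static int roundtrip(int with_fwd, int with_rev)
{
    unsigned char buf[64];
    const unsigned char *f, *r;
    size_t fl, rl, n = cert_pair_encode(with_fwd ? CERT_A : NULL, with_fwd ? sizeof CERT_A : 0,
                                        with_rev ? CERT_B : NULL, with_rev ? sizeof CERT_B : 0,
                                        buf, sizeof buf);
    if (n == 0) return 0;
    if (!cert_pair_decode(buf, n, &f, &fl, &r, &rl)) return -1;
    if ((f != NULL) != (with_fwd != 0) || (r != NULL) != (with_rev != 0)) return -1;
    if (f != NULL && (fl != sizeof CERT_A || memcmp(f, CERT_A, fl) != 0)) return -1;
    if (r != NULL && (rl != sizeof CERT_B || memcmp(r, CERT_B, rl) != 0)) return -1;
    return 1;
}
```

roundtrip() exercises the encoder and decoder together; decode_ok() is for the hand-built inputs. The decoder deliberately refuses the cases a lenient parser would accept: both members absent, members in the wrong order or repeated, lengths that run past the buffer, and bytes after the outer SEQUENCE.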
| 3274 | 504 | |||||
| 3275 | *) Make it possible to inhibit symlinking of shared libraries in | 505 | *) Make it possible to inhibit symlinking of shared libraries in | |||
| 3276 | Makefile.shared, for Cygwin's sake. | 506 | Makefile.shared, for Cygwin's sake. | |||
| 3277 | [Richard Levitte] | 507 | [Richard Levitte] | |||
| 3278 | 508 | |||||
| 3279 | *) Extend the BIGNUM API by creating a function | 509 | *) Extend the BIGNUM API by creating a function | |||
| 3280 | void BN_set_negative(BIGNUM *a, int neg); | 510 | void BN_set_negative(BIGNUM *a, int neg); | |||
| 3281 | and a macro that behaves like | 511 | and a macro that behaves like | |||
| 3282 | int BN_is_negative(const BIGNUM *a); | 512 | int BN_is_negative(const BIGNUM *a); | |||
| 3283 | 513 | |||||
| 3284 | to avoid the need to access 'a->neg' directly in applications. | 514 | to avoid the need to access 'a->neg' directly in applications. | |||
| 3285 | [Nils Larsch] | 515 | [Nils Larsch] | |||
| 3286 | 516 | |||||
| 3287 | *) Implement fast modular reduction for pseudo-Mersenne primes | 517 | *) Implement fast modular reduction for pseudo-Mersenne primes | |||
| 3288 | used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c). | 518 | used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c). | |||
| 3289 | EC_GROUP_new_curve_GFp() will now automatically use this | 519 | EC_GROUP_new_curve_GFp() will now automatically use this | |||
| 3290 | if applicable. | 520 | if applicable. | |||
| 3291 | [Nils Larsch <nla@trustcenter.de>] | 521 | [Nils Larsch <nla@trustcenter.de>] | |||
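An added example, not bn_nist.c itself: reduction modulo a pseudo-Mersenne prime p = 2^k - c done by folding the high part instead of dividing, checked against plain division. It is sized for k <= 32 so that products fit in 64 bits; the NIST primes are much larger and have a few more terms (p-256 is 2^256 - 2^224 + 2^192 + 2^96 - 1), so there the fold is a fixed pattern of word additions and subtractions, but the idea is the same: 2^k ≡ c (mod p), so the high part can be folded into the low part.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not OpenSSL code.  x mod (2^k - c) for x < 2^(2k), k <= 32
 * and a small c (c*c < 2^k): two folds using 2^k = c (mod p), then at most
 * a couple of conditional subtractions.  No division anywhere. */
static uint64_t reduce_pm(uint64_t x, int k, uint64_t c)
{
    uint64_t mask = ((uint64_t)1 << k) - 1, p = ((uint64_t)1 << k) - c;
    uint64_t r = (x & mask) + (x >> k) * c;     /* hi*2^k + lo -> hi*c + lo; r < (c+1)*2^k */
    r = (r & mask) + (r >> k) * c;              /* second fold: r < 2^k + c*c */
    while (r >= p)                              /* now at most one or two subtractions */
        r -= p;
    return r;
}

/* a*b mod (2^k - c) for a, b < 2^32. */
static uint64_t mulmod_pm(uint64_t a, uint64_t b, int k, uint64_t c)
{
    return reduce_pm(a * b, k, c);
}

/* Compare against the generic `%` on `rounds` pseudo-random pairs from a
 * fixed LCG (repeatable runs) plus the boundary cases: (p-1)^2 = 1 and a
 * multiple of p reduces to 0.  Returns 1 if every result agrees. */
static int selftest_pm(int k, uint64_t c, int rounds)
{
    uint64_t p = ((uint64_t)1 << k) - c, s = 0x2545F4914F6CDD1Dull;
    for (int i = 0; i < rounds; i++) {
        s = s * 6364136223846793005ull + 1442695040888963407ull;
        uint64_t a = (s >> 32) % p;
        s = s * 6364136223846793005ull + 1442695040888963407ull;
        uint64_t b = (s >> 32) % p;
        if (mulmod_pm(a, b, k, c) != (a * b) % p)
            return 0;
    }
    return mulmod_pm(p - 1, p - 1, k, c) == 1 && mulmod_pm(p, 3, k, c) == 0;
}

int main(void)
{
    /* 2^32 - 5 (the largest 32-bit prime) and the Mersenne prime 2^31 - 1 */
    printf("p = 2^32 - 5: %s\n", selftest_pm(32, 5, 100000) ? "ok" : "MISMATCH");
    printf("p = 2^31 - 1: %s\n", selftest_pm(31, 1, 100000) ? "ok" : "MISMATCH");
    return 0;
}
```

The bound after the second fold is what makes the final loop safe to run a fixed, small number of times; for the NIST primes the same reasoning fixes how many conditional subtractions the reduction needs, which also matters for keeping the operation free of data-dependent branching beyond that bound.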
| 3292 | 522 | |||||
| 3293 | *) Add new lock type (CRYPTO_LOCK_BN). | 523 | *) Add new lock type (CRYPTO_LOCK_BN). | |||
| 3294 | [Bodo Moeller] | 524 | [Bodo Moeller] | |||
| 3295 | 525 | |||||
| 3296 | *) Change the ENGINE framework to automatically load engines | 526 | *) Change the ENGINE framework to automatically load engines | |||
| 3297 | dynamically from specific directories unless they could be | 527 | dynamically from specific directories unless they could be | |||
| 3298 | found to already be built in or loaded. Move all the | 528 | found to already be built in or loaded. Move all the | |||
| 3299 | current engines except for the cryptodev one to a new | 529 | current engines except for the cryptodev one to a new | |||
| 3300 | directory engines/. | 530 | directory engines/. | |||
| 3301 | The engines in engines/ are built as shared libraries if | 531 | The engines in engines/ are built as shared libraries if | |||
| 3302 | the "shared" option was given to ./Configure or ./config. | 532 | the "shared" option was given to ./Configure or ./config. | |||
| 3303 | Otherwise, they are inserted in libcrypto.a. | 533 | Otherwise, they are inserted in libcrypto.a. | |||
| 3304 | /usr/local/ssl/engines is the default directory for dynamic | 534 | /usr/local/ssl/engines is the default directory for dynamic | |||
| 3305 | engines, but that can be overridden at configure time through | 535 | engines, but that can be overridden at configure time through | |||
| 3306 | the usual use of --prefix and/or --openssldir, and at run | 536 | the usual use of --prefix and/or --openssldir, and at run | |||
| 3307 | time with the environment variable OPENSSL_ENGINES. | 537 | time with the environment variable OPENSSL_ENGINES. | |||
| 3308 | [Geoff Thorpe and Richard Levitte] | 538 | [Geoff Thorpe and Richard Levitte] | |||
| 3309 | 539 | |||||
| 3310 | *) Add Makefile.shared, a helper makefile to build shared | 540 | *) Add Makefile.shared, a helper makefile to build shared | |||
| 3311 | libraries. Adapt Makefile.org. | 541 | libraries. Adapt Makefile.org. | |||
| 3312 | [Richard Levitte] | 542 | [Richard Levitte] | |||
| 3313 | 543 | |||||
| 3314 | *) Add version info to Win32 DLLs. | 544 | *) Add version info to Win32 DLLs. | |||
| 3315 | [Peter 'Luna' Runestig <peter@runestig.com>] | 545 | [Peter 'Luna' Runestig <peter@runestig.com>] | |||
| 3316 | 546 | |||||
| 3317 | *) Add new 'medium level' PKCS#12 API. Certificates and keys | 547 | *) Add new 'medium level' PKCS#12 API. Certificates and keys | |||
| 3318 | can be added using this API to create arbitrary PKCS#12 | 548 | can be added using this API to create arbitrary PKCS#12 | |||
| 3319 | files while avoiding the low level API. | 549 | files while avoiding the low level API. | |||
| 3320 | 550 | |||||
| 3321 | New options to PKCS12_create(): key or cert can be NULL and | 551 | New options to PKCS12_create(): key or cert can be NULL and | |||
| 3322 | will then be omitted from the output file. The encryption | 552 | will then be omitted from the output file. The encryption | |||
| 3323 | algorithm NIDs can be set to -1 for no encryption, the mac | 553 | algorithm NIDs can be set to -1 for no encryption, the mac | |||
| 3324 | iteration count can be set to 0 to omit the mac. | 554 | iteration count can be set to 0 to omit the mac. | |||
| 3325 | 555 | |||||
| 3326 | Enhance pkcs12 utility by making the -nokeys and -nocerts | 556 | Enhance pkcs12 utility by making the -nokeys and -nocerts | |||
| 3327 | options work when creating a PKCS#12 file. New option -nomac | 557 | options work when creating a PKCS#12 file. New option -nomac | |||
| 3328 | to omit the mac, NONE can be set for an encryption algorithm. | 558 | to omit the mac, NONE can be set for an encryption algorithm. | |||
| 3329 | New code is modified to use the enhanced PKCS12_create() | 559 | New code is modified to use the enhanced PKCS12_create() | |||
| 3330 | instead of the low level API. | 560 | instead of the low level API. | |||
| 3331 | [Steve Henson] | 561 | [Steve Henson] | |||
| 3332 | 562 | |||||
| 3333 | *) Extend ASN1 encoder to support indefinite length constructed | 563 | *) Extend ASN1 encoder to support indefinite length constructed | |||
| 3334 | encoding. This can output sequences tags and octet strings in | 564 | encoding. This can output sequences tags and octet strings in | |||
| 3335 | this form. Modify pk7_asn1.c to support indefinite length | 565 | this form. Modify pk7_asn1.c to support indefinite length | |||
| 3336 | encoding. This is experimental and needs additional code to | 566 | encoding. This is experimental and needs additional code to | |||
| 3337 | be useful, such as an ASN1 bio and some enhanced streaming | 567 | be useful, such as an ASN1 bio and some enhanced streaming | |||
| 3338 | PKCS#7 code. | 568 | PKCS#7 code. | |||
| 3339 | 569 | |||||
| 3340 | Extend template encode functionality so that tagging is passed | 570 | Extend template encode functionality so that tagging is passed | |||
| 3341 | down to the template encoder. | 571 | down to the template encoder. | |||
| 3342 | [Steve Henson] | 572 | [Steve Henson] | |||
| 3343 | 573 | |||||
| 3344 | *) Let 'openssl req' fail if an argument to '-newkey' is not | 574 | *) Let 'openssl req' fail if an argument to '-newkey' is not | |||
| 3345 | recognized instead of using RSA as a default. | 575 | recognized instead of using RSA as a default. | |||
| 3346 | [Bodo Moeller] | 576 | [Bodo Moeller] | |||
| 3347 | 577 | |||||
| 3348 | *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt. | 578 | *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt. | |||
| 3349 | As these are not official, they are not included in "ALL"; | 579 | As these are not official, they are not included in "ALL"; | |||
| 3350 | the "ECCdraft" ciphersuite group alias can be used to select them. | 580 | the "ECCdraft" ciphersuite group alias can be used to select them. | |||
| 3351 | [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)] | 581 | [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)] | |||
| 3352 | 582 | |||||
| 3353 | *) Add ECDH engine support. | 583 | *) Add ECDH engine support. | |||
| 3354 | [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)] | 584 | [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)] | |||
| 3355 | 585 | |||||
| 3356 | *) Add ECDH in new directory crypto/ecdh/. | 586 | *) Add ECDH in new directory crypto/ecdh/. | |||
| 3357 | [Douglas Stebila (Sun Microsystems Laboratories)] | 587 | [Douglas Stebila (Sun Microsystems Laboratories)] | |||
| 3358 | 588 | |||||
| 3359 | *) Let BN_rand_range() abort with an error after 100 iterations | 589 | *) Let BN_rand_range() abort with an error after 100 iterations | |||
| 3360 | without success (which indicates a broken PRNG). | 590 | without success (which indicates a broken PRNG). | |||
| 3361 | [Bodo Moeller] | 591 | [Bodo Moeller] | |||
| 3362 | 592 | |||||
| 3363 | *) Chang e BN_mod_s qrt() so t hat it ver ifies that the input value | 593 | *) Chang e BN_mod_s qrt() so t hat it ver ifies that the input value | |||
| 3364 | is re ally the s quare of t he return value. (P reviously, | 594 | is re ally the s quare of t he return value. (P reviously, | |||
| 3365 | BN_mo d_sqrt wou ld show GI GO behavio ur.) | 595 | BN_mo d_sqrt wou ld show GI GO behavio ur.) | |||
| 3366 | [Bodo Moeller] | 596 | [Bodo Moeller] | |||
| 3367 | 597 | |||||
| 3368 | *) Add n amed ellip tic curves over bina ry fields from X9.62 , SECG, | 598 | *) Add n amed ellip tic curves over bina ry fields from X9.62 , SECG, | |||
| 3369 | and W AP/WTLS; a dd OIDs th at were st ill missin g. | 599 | and W AP/WTLS; a dd OIDs th at were st ill missin g. | |||
| 3370 | 600 | |||||
| 3371 | [Sheu eling Chan g Shantz a nd Douglas Stebila | 601 | [Sheu eling Chan g Shantz a nd Douglas Stebila | |||
| 3372 | (Sun Microsyste ms Laborat ories)] | 602 | (Sun Microsyste ms Laborat ories)] | |||
| 3373 | 603 | |||||
| 3374 | *) Exten d the EC l ibrary for elliptic curves ove r binary f ields | 604 | *) Exten d the EC l ibrary for elliptic curves ove r binary f ields | |||
| 3375 | (new files ec2_ smpl.c, ec 2_smpt.c, ec2_mult.c in crypto /ec/). | 605 | (new files ec2_ smpl.c, ec 2_smpt.c, ec2_mult.c in crypto /ec/). | |||
| 3376 | New E C_METHOD: | 606 | New E C_METHOD: | |||
| 3377 | 607 | |||||
| 3378 | EC_GF2m_si mple_metho d | 608 | EC_GF2m_si mple_metho d | |||
| 3379 | 609 | |||||
| 3380 | New A PI functio ns: | 610 | New A PI functio ns: | |||
| 3381 | 611 | |||||
| 3382 | EC_GROUP_n ew_curve_G F2m | 612 | EC_GROUP_n ew_curve_G F2m | |||
| 3383 | EC_GROUP_s et_curve_G F2m | 613 | EC_GROUP_s et_curve_G F2m | |||
| 3384 | EC_GROUP_g et_curve_G F2m | 614 | EC_GROUP_g et_curve_G F2m | |||
| 3385 | EC_POINT_s et_affine_ coordinate s_GF2m | 615 | EC_POINT_s et_affine_ coordinate s_GF2m | |||
| 3386 | EC_POINT_g et_affine_ coordinate s_GF2m | 616 | EC_POINT_g et_affine_ coordinate s_GF2m | |||
| 3387 | EC_POINT_s et_compres sed_coordi nates_GF2m | 617 | EC_POINT_s et_compres sed_coordi nates_GF2m | |||
| 3388 | 618 | |||||
| 3389 | Point compressi on for bin ary fields is disabl ed by defa ult for | 619 | Point compressi on for bin ary fields is disabl ed by defa ult for | |||
| 3390 | paten t reasons (compile w ith OPENSS L_EC_BIN_P T_COMP def ined to | 620 | paten t reasons (compile w ith OPENSS L_EC_BIN_P T_COMP def ined to | |||
| 3391 | enabl e it). | 621 | enabl e it). | |||
| 3392 | 622 | |||||
| 3393 | As bi nary polyn omials are represent ed as BIGN UMs, vario us members | 623 | As bi nary polyn omials are represent ed as BIGN UMs, vario us members | |||
| 3394 | of th e EC_GROUP and EC_PO INT data s tructures can be sha red | 624 | of th e EC_GROUP and EC_PO INT data s tructures can be sha red | |||
| 3395 | betwe en the imp lementatio ns for pri me fields and binary fields; | 625 | betwe en the imp lementatio ns for pri me fields and binary fields; | |||
| 3396 | the a bove ..._G F2m functi ons (excep t for EX_G ROUP_new_c urve_GF2m) | 626 | the a bove ..._G F2m functi ons (excep t for EX_G ROUP_new_c urve_GF2m) | |||
| 3397 | are e ssentially identical to their ..._GFp co unterparts . | 627 | are e ssentially identical to their ..._GFp co unterparts . | |||
| 3398 | (For simplicity , the '... _GFp' pref ix has bee n dropped from | 628 | (For simplicity , the '... _GFp' pref ix has bee n dropped from | |||
| 3399 | vario us interna l method n ames.) | 629 | vario us interna l method n ames.) | |||
| 3400 | 630 | |||||
| 3401 | An in ternal 'fi eld_div' m ethod (sim ilar to 'f ield_mul' and | 631 | An in ternal 'fi eld_div' m ethod (sim ilar to 'f ield_mul' and | |||
| 3402 | 'fiel d_sqr') ha s been add ed; this i s used onl y for bina ry fields. | 632 | 'fiel d_sqr') ha s been add ed; this i s used onl y for bina ry fields. | |||
| 3403 | 633 | |||||
| 3404 | [Sheu eling Chan g Shantz a nd Douglas Stebila | 634 | [Sheu eling Chan g Shantz a nd Douglas Stebila | |||
| 3405 | (Sun Microsyste ms Laborat ories)] | 635 | (Sun Microsyste ms Laborat ories)] | |||
| 3406 | 636 | |||||
| 3407 | *) Optio nally disp atch EC_PO INT_mul(), EC_POINT_ precompute _mult() | 637 | *) Optio nally disp atch EC_PO INT_mul(), EC_POINT_ precompute _mult() | |||
| 3408 | throu gh methods ('mul', ' precompute _mult'). | 638 | throu gh methods ('mul', ' precompute _mult'). | |||
| 3409 | 639 | |||||
| 3410 | The g eneric imp lementatio ns (now in ternally c alled 'ec_ wNAF_mul' | 640 | The g eneric imp lementatio ns (now in ternally c alled 'ec_ wNAF_mul' | |||
| 3411 | and ' ec_wNAF_pr ecomputed_ mult') rem ain the de fault if t hese | 641 | and ' ec_wNAF_pr ecomputed_ mult') rem ain the de fault if t hese | |||
| 3412 | metho ds are und efined. | 642 | metho ds are und efined. | |||
| 3413 | 643 | |||||
| 3414 | [Sheu eling Chan g Shantz a nd Douglas Stebila | 644 | [Sheu eling Chan g Shantz a nd Douglas Stebila | |||
| 3415 | (Sun Microsyste ms Laborat ories)] | 645 | (Sun Microsyste ms Laborat ories)] | |||
| 3416 | 646 | |||||
| 3417 | *) New f unction EC _GROUP_get _degree, w hich is de fined thro ugh | 647 | *) New f unction EC _GROUP_get _degree, w hich is de fined thro ugh | |||
| 3418 | EC_ME THOD. For curves ov er prime f ields, thi s returns the bit | 648 | EC_ME THOD. For curves ov er prime f ields, thi s returns the bit | |||
| 3419 | lengt h of the m odulus. | 649 | lengt h of the m odulus. | |||
| 3420 | 650 | |||||
| 3421 | [Sheu eling Chan g Shantz a nd Douglas Stebila | 651 | [Sheu eling Chan g Shantz a nd Douglas Stebila | |||
| 3422 | (Sun Microsyste ms Laborat ories)] | 652 | (Sun Microsyste ms Laborat ories)] | |||
| 3423 | 653 | |||||
| 3424 | *) New f unctions E C_GROUP_du p, EC_POIN T_dup. | 654 | *) New f unctions E C_GROUP_du p, EC_POIN T_dup. | |||
| 3425 | (Thes e simply c all ..._ne w and ... _copy). | 655 | (Thes e simply c all ..._ne w and ... _copy). | |||
| 3426 | 656 | |||||
| 3427 | [Sheu eling Chan g Shantz a nd Douglas Stebila | 657 | [Sheu eling Chan g Shantz a nd Douglas Stebila | |||
| 3428 | (Sun Microsyste ms Laborat ories)] | 658 | (Sun Microsyste ms Laborat ories)] | |||
| 3429 | 659 | |||||
| 3430 | *) Add b inary poly nomial ari thmetic so ftware in crypto/bn/ bn_gf2m.c. | 660 | *) Add b inary poly nomial ari thmetic so ftware in crypto/bn/ bn_gf2m.c. | |||
| 3431 | Polyn omials are represent ed as BIGN UMs (where the sign bit is not | 661 | Polyn omials are represent ed as BIGN UMs (where the sign bit is not | |||
| 3432 | used) in the fo llowing fu nctions [m acros]: | 662 | used) in the fo llowing fu nctions [m acros]: | |||
| 3433 | 663 | |||||
| 3434 | BN_GF2m_ad d | 664 | BN_GF2m_ad d | |||
| 3435 | BN_GF2m_su b [= BN_ GF2m_add] | 665 | BN_GF2m_su b [= BN_ GF2m_add] | |||
| 3436 | BN_GF2m_mo d [wrapp er for BN_ GF2m_mod_a rr] | 666 | BN_GF2m_mo d [wrapp er for BN_ GF2m_mod_a rr] | |||
| 3437 | BN_GF2m_mo d_mul [wrapp er for BN_ GF2m_mod_m ul_arr] | 667 | BN_GF2m_mo d_mul [wrapp er for BN_ GF2m_mod_m ul_arr] | |||
| 3438 | BN_GF2m_mo d_sqr [wrapp er for BN_ GF2m_mod_s qr_arr] | 668 | BN_GF2m_mo d_sqr [wrapp er for BN_ GF2m_mod_s qr_arr] | |||
| 3439 | BN_GF2m_mo d_inv | 669 | BN_GF2m_mo d_inv | |||
| 3440 | BN_GF2m_mo d_exp [wrapp er for BN_ GF2m_mod_e xp_arr] | 670 | BN_GF2m_mo d_exp [wrapp er for BN_ GF2m_mod_e xp_arr] | |||
| 3441 | BN_GF2m_mo d_sqrt [wrapp er for BN_ GF2m_mod_s qrt_arr] | 671 | BN_GF2m_mo d_sqrt [wrapp er for BN_ GF2m_mod_s qrt_arr] | |||
| 3442 | BN_GF2m_mo d_solve_qu ad [wrapp er for BN_ GF2m_mod_s olve_quad_ arr] | 672 | BN_GF2m_mo d_solve_qu ad [wrapp er for BN_ GF2m_mod_s olve_quad_ arr] | |||
| 3443 | BN_GF2m_cm p [= BN_ ucmp] | 673 | BN_GF2m_cm p [= BN_ ucmp] | |||
| 3444 | 674 | |||||
| 3445 | (Note that only the 'mod' functions are actua lly for fi elds GF(2^ m). | 675 | (Note that only the 'mod' functions are actua lly for fi elds GF(2^ m). | |||
| 3446 | BN_GF 2m_add() i s misnomer , but this is for th e sake of consistenc y.) | 676 | BN_GF 2m_add() i s misnomer , but this is for th e sake of consistenc y.) | |||
| 3447 | 677 | |||||
| 3448 | For s ome functi ons, an th e irreduci ble polyno mial defin ing a | 678 | For s ome functi ons, an th e irreduci ble polyno mial defin ing a | |||
| 3449 | field can be gi ven as an 'unsigned int[]' wit h strictly | 679 | field can be gi ven as an 'unsigned int[]' wit h strictly | |||
| 3450 | decre asing elem ents givin g the indi ces of tho se bits th at are set ; | 680 | decre asing elem ents givin g the indi ces of tho se bits th at are set ; | |||
| 3451 | i.e., p[] repre sents the polynomial | 681 | i.e., p[] repre sents the polynomial | |||
| 3452 | f(t) = t^p [0] + t^p[ 1] + ... + t^p[k] | 682 | f(t) = t^p [0] + t^p[ 1] + ... + t^p[k] | |||
| 3453 | where | 683 | where | |||
| 3454 | p[0] > p[1 ] > ... > p[k] = 0. | 684 | p[0] > p[1 ] > ... > p[k] = 0. | |||
| 3455 | This applies to the follo wing funct ions: | 685 | This applies to the follo wing funct ions: | |||
| 3456 | 686 | |||||
| 3457 | BN_GF2m_mo d_arr | 687 | BN_GF2m_mo d_arr | |||
| 3458 | BN_GF2m_mo d_mul_arr | 688 | BN_GF2m_mo d_mul_arr | |||
| 3459 | BN_GF2m_mo d_sqr_arr | 689 | BN_GF2m_mo d_sqr_arr | |||
| 3460 | BN_GF2m_mo d_inv_arr [wr apper for BN_GF2m_mo d_inv] | 690 | BN_GF2m_mo d_inv_arr [wr apper for BN_GF2m_mo d_inv] | |||
| 3461 | BN_GF2m_mo d_div_arr [wr apper for BN_GF2m_mo d_div] | 691 | BN_GF2m_mo d_div_arr [wr apper for BN_GF2m_mo d_div] | |||
| 3462 | BN_GF2m_mo d_exp_arr | 692 | BN_GF2m_mo d_exp_arr | |||
| 3463 | BN_GF2m_mo d_sqrt_arr | 693 | BN_GF2m_mo d_sqrt_arr | |||
| 3464 | BN_GF2m_mo d_solve_qu ad_arr | 694 | BN_GF2m_mo d_solve_qu ad_arr | |||
| 3465 | BN_GF2m_po ly2arr | 695 | BN_GF2m_po ly2arr | |||
| 3466 | BN_GF2m_ar r2poly | 696 | BN_GF2m_ar r2poly | |||
| 3467 | 697 | |||||
| 3468 | Conve rsion can be perform ed by the following functions: | 698 | Conve rsion can be perform ed by the following functions: | |||
| 3469 | 699 | |||||
| 3470 | BN_GF2m_po ly2arr | 700 | BN_GF2m_po ly2arr | |||
| 3471 | BN_GF2m_ar r2poly | 701 | BN_GF2m_ar r2poly | |||
| 3472 | 702 | |||||
| 3473 | bntes t.c has ad ditional t ests for b inary poly nomial ari thmetic. | 703 | bntes t.c has ad ditional t ests for b inary poly nomial ari thmetic. | |||
| 3474 | 704 | |||||
| 3475 | Two i mplementat ions for B N_GF2m_mod _div() are available . | 705 | Two i mplementat ions for B N_GF2m_mod _div() are available . | |||
| 3476 | The d efault alg orithm sim ply uses B N_GF2m_mod _inv() and | 706 | The d efault alg orithm sim ply uses B N_GF2m_mod _inv() and | |||
| 3477 | BN_GF 2m_mod_mul (). The a lternative algorithm is compil ed in only | 707 | BN_GF 2m_mod_mul (). The a lternative algorithm is compil ed in only | |||
| 3478 | if OP ENSSL_SUN_ GF2M_DIV i s defined (patent pe nding; rea d the | 708 | if OP ENSSL_SUN_ GF2M_DIV i s defined (patent pe nding; rea d the | |||
| 3479 | copyr ight notic e in crypt o/bn/bn_gf 2m.c befor e enabling it). | 709 | copyr ight notic e in crypt o/bn/bn_gf 2m.c befor e enabling it). | |||
| 3480 | 710 | |||||
| 3481 | [Sheu eling Chan g Shantz a nd Douglas Stebila | 711 | [Sheu eling Chan g Shantz a nd Douglas Stebila | |||
| 3482 | (Sun Microsyste ms Laborat ories)] | 712 | (Sun Microsyste ms Laborat ories)] | |||
| 3483 | 713 | |||||
| 3484 | *) Add n ew error c ode 'ERR_R _DISABLED' that can be used wh en some | 714 | *) Add n ew error c ode 'ERR_R _DISABLED' that can be used wh en some | |||
| 3485 | funct ionality i s disabled at compil e-time. | 715 | funct ionality i s disabled at compil e-time. | |||
| 3486 | [Doug las Stebil a <douglas .stebila@s un.com>] | 716 | [Doug las Stebil a <douglas .stebila@s un.com>] | |||
| 3487 | 717 | |||||
| 3488 | *) Chang e default behaviour of 'openss l asn1pars e' so that more | 718 | *) Chang e default behaviour of 'openss l asn1pars e' so that more | |||
| 3489 | infor mation is visible wh en viewing , e.g., a certificat e: | 719 | infor mation is visible wh en viewing , e.g., a certificat e: | |||
| 3490 | 720 | |||||
| 3491 | Modif y asn1_par se2 (crypt o/asn1/asn 1_par.c) s o that in non-'dump' | 721 | Modif y asn1_par se2 (crypt o/asn1/asn 1_par.c) s o that in non-'dump' | |||
| 3492 | mode the conten t of non-p rintable O CTET STRIN Gs is outp ut in a | 722 | mode the conten t of non-p rintable O CTET STRIN Gs is outp ut in a | |||
| 3493 | style similar t o INTEGERs , but with '[HEX DUM P]' prepen ded to | 723 | style similar t o INTEGERs , but with '[HEX DUM P]' prepen ded to | |||
| 3494 | avoid the appea rance of a printable string. | 724 | avoid the appea rance of a printable string. | |||
| 3495 | [Nils Larsch <n la@trustce nter.de>] | 725 | [Nils Larsch <n la@trustce nter.de>] | |||
| 3496 | 726 | |||||
| 3497 | *) Add ' asn1_flag' and 'asn1 _form' mem ber to EC_ GROUP with access | 727 | *) Add ' asn1_flag' and 'asn1 _form' mem ber to EC_ GROUP with access | |||
| 3498 | funct ions | 728 | funct ions | |||
| 3499 | EC_GROUP_s et_asn1_fl ag() | 729 | EC_GROUP_s et_asn1_fl ag() | |||
| 3500 | EC_GROUP_g et_asn1_fl ag() | 730 | EC_GROUP_g et_asn1_fl ag() | |||
| 3501 | EC_GROUP_s et_point_c onversion_ form() | 731 | EC_GROUP_s et_point_c onversion_ form() | |||
| 3502 | EC_GROUP_g et_point_c onversion_ form() | 732 | EC_GROUP_g et_point_c onversion_ form() | |||
| 3503 | These control A SN1 encodi ng details : | 733 | These control A SN1 encodi ng details : | |||
| 3504 | - Cur ves (i.e., groups) a re encoded explicitl y unless a sn1_flag | 734 | - Cur ves (i.e., groups) a re encoded explicitl y unless a sn1_flag | |||
| 3505 | has been set to OPENSSL _EC_NAMED_ CURVE. | 735 | has been set to OPENSSL _EC_NAMED_ CURVE. | |||
| 3506 | - Poi nts are en coded in u ncompresse d form by default; o ptions for | 736 | - Poi nts are en coded in u ncompresse d form by default; o ptions for | |||
| 3507 | asn 1_for are as for poi nt2oct, na mely | 737 | asn 1_for are as for poi nt2oct, na mely | |||
| 3508 | POINT_CONV ERSION_COM PRESSED | 738 | POINT_CONV ERSION_COM PRESSED | |||
| 3509 | POINT_CONV ERSION_UNC OMPRESSED | 739 | POINT_CONV ERSION_UNC OMPRESSED | |||
| 3510 | POINT_CONV ERSION_HYB RID | 740 | POINT_CONV ERSION_HYB RID | |||
| 3511 | 741 | |||||
| 3512 | Also add 'seed' and 'seed _len' memb ers to EC_ GROUP with access | 742 | Also add 'seed' and 'seed _len' memb ers to EC_ GROUP with access | |||
| 3513 | funct ions | 743 | funct ions | |||
| 3514 | EC_GROUP_s et_seed() | 744 | EC_GROUP_s et_seed() | |||
| 3515 | EC_GROUP_g et0_seed() | 745 | EC_GROUP_g et0_seed() | |||
| 3516 | EC_GROUP_g et_seed_le n() | 746 | EC_GROUP_g et_seed_le n() | |||
| 3517 | This is used on ly for ASN 1 purposes (so far). | 747 | This is used on ly for ASN 1 purposes (so far). | |||
| 3518 | [Nils Larsch <n la@trustce nter.de>] | 748 | [Nils Larsch <n la@trustce nter.de>] | |||
| 3519 | 749 | |||||
| 3520 | *) Add ' field_type ' member t o EC_METHO D, which h olds the N ID | 750 | *) Add ' field_type ' member t o EC_METHO D, which h olds the N ID | |||
| 3521 | of th e appropri ate field type OID. The new f unction | 751 | of th e appropri ate field type OID. The new f unction | |||
| 3522 | EC_ME THOD_get_f ield_type( ) returns this value . | 752 | EC_ME THOD_get_f ield_type( ) returns this value . | |||
| 3523 | [Nils Larsch <n la@trustce nter.de>] | 753 | [Nils Larsch <n la@trustce nter.de>] | |||
| 3524 | 754 | |||||
| 3525 | *) Add f unctions | 755 | *) Add f unctions | |||
| 3526 | EC_POINT_p oint2bn() | 756 | EC_POINT_p oint2bn() | |||
| 3527 | EC_POINT_b n2point() | 757 | EC_POINT_b n2point() | |||
| 3528 | EC_POINT_p oint2hex() | 758 | EC_POINT_p oint2hex() | |||
| 3529 | EC_POINT_h ex2point() | 759 | EC_POINT_h ex2point() | |||
| 3530 | provi ding usefu l interfac es to EC_P OINT_point 2oct() and | 760 | provi ding usefu l interfac es to EC_P OINT_point 2oct() and | |||
| 3531 | EC_PO INT_oct2po int(). | 761 | EC_PO INT_oct2po int(). | |||
| 3532 | [Nils Larsch <n la@trustce nter.de>] | 762 | [Nils Larsch <n la@trustce nter.de>] | |||
| 3533 | 763 | |||||
| 3534 | *) Chang e internal s of the E C library so that th e function s | 764 | *) Chang e internal s of the E C library so that th e function s | |||
| 3535 | EC_GROUP_s et_generat or() | 765 | EC_GROUP_s et_generat or() | |||
| 3536 | EC_GROUP_g et_generat or() | 766 | EC_GROUP_g et_generat or() | |||
| 3537 | EC_GROUP_g et_order() | 767 | EC_GROUP_g et_order() | |||
| 3538 | EC_GROUP_g et_cofacto r() | 768 | EC_GROUP_g et_cofacto r() | |||
| 3539 | are i mplemented directly in crypto/ ec/ec_lib. c and not dispatched | 769 | are i mplemented directly in crypto/ ec/ec_lib. c and not dispatched | |||
| 3540 | to me thods, whi ch would l ead to unn ecessary c ode duplic ation when | 770 | to me thods, whi ch would l ead to unn ecessary c ode duplic ation when | |||
| 3541 | addin g differen t types of curves. | 771 | addin g differen t types of curves. | |||
| 3542 | [Nils Larsch <n la@trustce nter.de> w ith input by Bodo Mo eller] | 772 | [Nils Larsch <n la@trustce nter.de> w ith input by Bodo Mo eller] | |||
| 3543 | 773 | |||||
| 3544 | *) Imple ment compu te_wNAF (c rypto/ec/e c_mult.c) without BI GNUM | 774 | *) Imple ment compu te_wNAF (c rypto/ec/e c_mult.c) without BI GNUM | |||
| 3545 | arith metic, and such that modified wNAFs are generated | 775 | arith metic, and such that modified wNAFs are generated | |||
| 3546 | (whic h avoid le ngth expan sion in ma ny cases). | 776 | (whic h avoid le ngth expan sion in ma ny cases). | |||
| 3547 | [Bodo Moeller] | 777 | [Bodo Moeller] | |||
| 3548 | 778 | |||||
| 3549 | *) Add a function EC_GROUP_c heck_discr iminant() (defined v ia | 779 | *) Add a function EC_GROUP_c heck_discr iminant() (defined v ia | |||
| 3550 | EC_ME THOD) that verifies that the c urve discr iminant is non-zero. | 780 | EC_ME THOD) that verifies that the c urve discr iminant is non-zero. | |||
| 3551 | 781 | |||||
| 3552 | Add a function EC_GROUP_c heck() tha t makes so me sanity tests | 782 | Add a function EC_GROUP_c heck() tha t makes so me sanity tests | |||
| 3553 | on a EC_GROUP, its genera tor and or der. This includes | 783 | on a EC_GROUP, its genera tor and or der. This includes | |||
| 3554 | EC_GR OUP_check_ discrimina nt(). | 784 | EC_GR OUP_check_ discrimina nt(). | |||
| 3555 | [Nils Larsch <n la@trustce nter.de>] | 785 | [Nils Larsch <n la@trustce nter.de>] | |||
| 3556 | 786 | |||||
| 3557 | *) Add E CDSA in ne w director y crypto/e cdsa/. | 787 | *) Add E CDSA in ne w director y crypto/e cdsa/. | |||
| 3558 | 788 | |||||
| 3559 | Add a pplication s 'openssl ecparam' and 'opens sl ecdsa' | 789 | Add a pplication s 'openssl ecparam' and 'opens sl ecdsa' | |||
| 3560 | (thes e are base d on 'open ssl dsapar am' and 'o penssl dsa '). | 790 | (thes e are base d on 'open ssl dsapar am' and 'o penssl dsa '). | |||
| 3561 | 791 | |||||
| 3562 | ECDSA support i s also inc luded in v arious oth er files a cross the | 792 | ECDSA support i s also inc luded in v arious oth er files a cross the | |||
| 3563 | libra ry. Most notably, | 793 | libra ry. Most notably, | |||
| 3564 | - 'op enssl req' now has a '-newkey ecdsa:file ' option; | 794 | - 'op enssl req' now has a '-newkey ecdsa:file ' option; | |||
| 3565 | - EVP _PKCS82PKE Y (crypto/ evp/evp_pk ey.c) now can handle ECDSA; | 795 | - EVP _PKCS82PKE Y (crypto/ evp/evp_pk ey.c) now can handle ECDSA; | |||
| 3566 | - X50 9_PUBKEY_g et (crypto /asn1/x_pu bkey.c) an d | 796 | - X50 9_PUBKEY_g et (crypto /asn1/x_pu bkey.c) an d | |||
| 3567 | d2i _PublicKey (crypto/a sn1/d2i_pu .c) have b een modifi ed to make | 797 | d2i _PublicKey (crypto/a sn1/d2i_pu .c) have b een modifi ed to make | |||
| 3568 | the m suitable for ECDSA where dom ain parame ters must be | 798 | the m suitable for ECDSA where dom ain parame ters must be | |||
| 3569 | ext racted bef ore the sp ecific pub lic key; | 799 | ext racted bef ore the sp ecific pub lic key; | |||
| 3570 | - ECD SA engine support ha s been add ed. | 800 | - ECD SA engine support ha s been add ed. | |||
| 3571 | [Nils Larsch <n la@trustce nter.de>] | 801 | [Nils Larsch <n la@trustce nter.de>] | |||
| 3572 | 802 | |||||
| 3573 | *) Inclu de some na med ellipt ic curves, and add O IDs from X 9.62, | 803 | *) Inclu de some na med ellipt ic curves, and add O IDs from X 9.62, | |||
| 3574 | SECG, and WAP/W TLS. Each curve can be obtain ed from th e new | 804 | SECG, and WAP/W TLS. Each curve can be obtain ed from th e new | |||
| 3575 | funct ion | 805 | funct ion | |||
| 3576 | EC_GROUP_n ew_by_curv e_name(), | 806 | EC_GROUP_n ew_by_curv e_name(), | |||
| 3577 | and t he list of available named cur ves can be obtained with | 807 | and t he list of available named cur ves can be obtained with | |||
| 3578 | EC_get_bui ltin_curve s(). | 808 | EC_get_bui ltin_curve s(). | |||
| 3579 | Also add a 'cur ve_name' m ember to E C_GROUP ob jects, whi ch can be | 809 | Also add a 'cur ve_name' m ember to E C_GROUP ob jects, whi ch can be | |||
| 3580 | acces sed via | 810 | acces sed via | |||
| 3581 | E C_GROUP_se t_curve_na me() | 811 | E C_GROUP_se t_curve_na me() | |||
| 3582 | E C_GROUP_ge t_curve_na me() | 812 | E C_GROUP_ge t_curve_na me() | |||
| 3583 | [Nils Larsch <l arsch@trus tcenter.de , Bodo Moe ller] | 813 | [Nils Larsch <l arsch@trus tcenter.de , Bodo Moe ller] | |||
| 3584 | 814 | |||||
| 3585 | *) Remov e a few ca lls to bn_ wexpand() in BN_sqr( ) (the one in there | 815 | *) Remov e a few ca lls to bn_ wexpand() in BN_sqr( ) (the one in there | |||
| 3586 | was a ctually ne ver needed ) and in B N_mul(). The remova l in BN_mu l() | 816 | was a ctually ne ver needed ) and in B N_mul(). The remova l in BN_mu l() | |||
| 3587 | requi red a smal l change i n bn_mul_p art_recurs ive() and the additi on | 817 | requi red a smal l change i n bn_mul_p art_recurs ive() and the additi on | |||
| 3588 | of th e function s bn_cmp_p art_words( ), bn_sub_ part_words () and | 818 | of th e function s bn_cmp_p art_words( ), bn_sub_ part_words () and | |||
| 3589 | bn_ad d_part_wor ds(), whic h do the s ame thing as bn_cmp_ words(), | 819 | bn_ad d_part_wor ds(), whic h do the s ame thing as bn_cmp_ words(), | |||
| 3590 | bn_su b_words() and bn_add _words() e xcept they take arra ys with | 820 | bn_su b_words() and bn_add _words() e xcept they take arra ys with | |||
| 3591 | diffe ring sizes . | 821 | diffe ring sizes . | |||
| 3592 | [Rich ard Levitt e] | 822 | [Rich ard Levitt e] | |||
| 3593 | 823 | |||||
| 3594 | Changes b etween 0.9 .7l and 0. 9.7m [23 Feb 2007] | 824 | Changes b etween 0.9 .7g and 0. 9.7h [XX xxx XXXX] | |||
| 3595 | ||||||
| 3596 | *) Clean se PEM buf fers befor e freeing them since they may contain | |||||
| 3597 | sensi tive data. | |||||
| 3598 | [Benj amin Benne tt <ben@ps c.edu>] | |||||
| 3599 | ||||||
| 3600 | *) Inclu de "!eNULL " in SSL_D EFAULT_CIP HER_LIST t o make sur e that | |||||
| 3601 | a cip hersuite s tring such as "DEFAU LT:RSA" ca nnot enabl e | |||||
| 3602 | authe ntication- only ciphe rsuites. | |||||
| 3603 | [Bodo Moeller] | |||||
| 3604 | ||||||
| 3605 | *) Since AES128 an d AES256 s hare a sin gle mask b it in the logic of | |||||
| 3606 | ssl/s sl_ciph.c, the code for maskin g out disa bled ciphe rs needs a | |||||
| 3607 | kludg e to work properly i f AES128 i s availabl e and AES2 56 isn't. | |||||
| 3608 | [Vict or Duchovn i] | |||||
| 3609 | ||||||
| 3610 | *) Expan d security boundary to match 1 .1.1 modul e. | |||||
| 3611 | [Stev e Henson] | |||||
| 3612 | ||||||
| 3613 | *) Remov e redundan t features : hash fil e source, editing of test vect ors | |||||
| 3614 | modif y fipsld t o use exte rnal fips_ premain.c signature. | |||||
| 3615 | [Stev e Henson] | |||||
| 3616 | ||||||
| 3617 | *) New p erl script mkfipsscr .pl to cre ate shell scripts or batch fil es to | |||||
| 3618 | run a lgorithm t est progra ms. | |||||
| 3619 | [Stev e Henson] | |||||
| 3620 | ||||||
| 3621 | *) Make algorithm test progr ams more t olerant of whitespac e. | |||||
| 3622 | [Stev e Henson] | |||||
| 3623 | ||||||
| 3624 | *) Have SSL/TLS se rver imple mentation tolerate " mismatched " record | |||||
| 3625 | proto col versio n while re ceiving Cl ientHello even if th e | |||||
| 3626 | Clien tHello is fragmented . (The se rver can't insist on the | |||||
| 3627 | parti cular prot ocol versi on it has chosen bef ore the Se rverHello | |||||
| 3628 | messa ge has inf ormed the client abo ut his cho ice.) | |||||
| 3629 | [Bodo Moeller] | |||||
| 3630 | ||||||
| 3631 | *) Load error code s if they are not al ready pres ent instea d of using a | |||||
| 3632 | stati c variable . This all ows them t o be clean ly unloade d and relo aded. | |||||
| 3633 | [Stev e Henson] | |||||
| 3634 | ||||||
| 3635 | Changes b etween 0.9 .7k and 0. 9.7l [28 Sep 2006] | |||||
| 3636 | ||||||
| 3637 | *) Intro duce limit s to preve nt malicio us keys be ing able t o | |||||
| 3638 | cause a denial of service . (CVE-20 06-2940) | |||||
| 3639 | [Stev e Henson, Bodo Moell er] | |||||
| 3640 | ||||||
| 3641 | *) Fix A SN.1 parsi ng of cert ain invali d structur es that ca n result | |||||
| 3642 | in a denial of service. (CVE-2006- 2937) [St eve Henson ] | |||||
| 3643 | ||||||
| 3644 | *) Fix b uffer over flow in SS L_get_shar ed_ciphers () functio n. | |||||
| 3645 | (CVE- 2006-3738) [Tavis Or mandy and Will Drewr y, Google Security T eam] | |||||
| 3646 | ||||||
| 3647 | *) Fix S SL client code which could cra sh if conn ecting to a | |||||
| 3648 | malic ious SSLv2 server. (CVE-2006- 4343) | |||||
| 3649 | [Tavi s Ormandy and Will D rewry, Goo gle Securi ty Team] | |||||
| 3650 | ||||||
| 3651 | *) Chang e ciphersu ite string processin g so that an explici t | |||||
| 3652 | ciphe rsuite sel ects this one cipher suite (so that "AES2 56-SHA" | |||||
| 3653 | will no longer include "A ES128-SHA" ), and any other sim ilar | |||||
| 3654 | ciphe rsuite (sa me bitmap) from *oth er* protoc ol version s (so that | |||||
| 3655 | "RC4- MD5" will still incl ude both t he SSL 2.0 ciphersui te and the | |||||
| 3656 | SSL 3 .0/TLS 1.0 ciphersui te). This is a back port combi ning | |||||
| 3657 | chang es from 0. 9.8b and 0 .9.8d. | |||||
| 3658 | [Bodo Moeller] | |||||
| 3659 | ||||||
| 3660 | Changes b etween 0.9 .7j and 0. 9.7k [05 Sep 2006] | |||||
| 3661 | ||||||
| 3662 | *) Avoid PKCS #1 v 1.5 signat ure attack discovere d by Danie l Bleichen bacher | |||||
| 3663 | (CVE- 2006-4339) [Ben Lau rie and Go ogle Secur ity Team] | |||||
| 3664 | ||||||
| 3665 | *) Chang e the Unix randomnes s entropy gathering to use pol l() when | |||||
| 3666 | possi ble instea d of selec t(), since the latte r has some | |||||
| 3667 | undes irable lim itations. | |||||
| 3668 | [Darr yl Miles v ia Richard Levitte a nd Bodo Mo eller] | |||||
| 3669 | ||||||
| 3670 | *) Disab le rogue c iphersuite s: | |||||
| 3671 | ||||||
| 3672 | - SS Lv2 0x08 0 x00 0x80 ( "RC4-64-MD 5") | |||||
| 3673 | - SS Lv3/TLSv1 0x00 0x61 ("EXP1024- RC2-CBC-MD 5") | |||||
| 3674 | - SS Lv3/TLSv1 0x00 0x60 ("EXP1024- RC4-MD5") | |||||
| 3675 | ||||||
| 3676 | The l atter two were purpo rtedly fro m | |||||
| 3677 | draft -ietf-tls- 56-bit-cip hersuites- 0[01].txt, but do no t really | |||||
| 3678 | appea r there. | |||||
| 3679 | ||||||
| 3680 | Also deactive t he remaini ng ciphers uites from | |||||
| 3681 | draft -ietf-tls- 56-bit-cip hersuites- 01.txt. T hese are j ust as | |||||
| 3682 | unoff icial, and the ID ha s long exp ired. | |||||
| 3683 | [Bodo Moeller] | |||||
| 3684 | ||||||
| 3685 | *) Fix R SA blindin g Heisenbu g (problem s sometime s occured on | |||||
| 3686 | dual- core machi nes) and o ther poten tial threa d-safety i ssues. | |||||
| 3687 | [Bodo Moeller] | |||||
| 3688 | ||||||
| 3689 | Changes b etween 0.9 .7i and 0. 9.7j [04 May 2006] | |||||
| 3690 | ||||||
| 3691 | *) Adapt fipsld an d the buil d system t o link aga inst the v alidated F IPS | |||||
| 3692 | modul e in FIPS mode. | |||||
| 3693 | [Stev e Henson] | |||||
| 3694 | ||||||
| 3695 | *) Fixes for VC++ 2005 build under Win dows. | |||||
| 3696 | [Stev e Henson] | |||||
| 3697 | ||||||
| 3698 | *) Add n ew Windows build tar get VC-32- GMAKE for VC++. This uses GNU make | |||||
| 3699 | from a Windows bash shell such as M SYS. It is autodetec ted from t he | |||||
| 3700 | "conf ig" script when run from a VC+ + environm ent. Modif y standard VC++ | |||||
| 3701 | build to use fi pscanister .o from th e GNU make build. | |||||
| 3702 | [Stev e Henson] | |||||
| 3703 | ||||||
| 3704 | Changes b etween 0.9 .7h and 0. 9.7i [14 Oct 2005] | |||||
| 3705 | ||||||
| 3706 | *) Wrapp ed the def inition of EVP_MAX_M D_SIZE in a #ifdef O PENSSL_FIP S. | |||||
| 3707 | The v alue now d iffers dep ending on if you bui ld for FIP S or not. | |||||
| 3708 | BEWAR E! A prog ram linked with a sh ared FIPSe d libcrypt o can't be | |||||
| 3709 | safel y run with a non-FIP Sed libcry pto, as it may crash because o f | |||||
| 3710 | the d ifference induced by this chan ge. | |||||
| 3711 | [Andy Polyakov] | |||||
| 3712 | ||||||
| 3713 | Changes b etween 0.9 .7g and 0. 9.7h [11 Oct 2005] | |||||
| 3714 | ||||||
| 3715 | *) Remov e the func tionality of SSL_OP_ MSIE_SSLV2 _RSA_PADDI NG | |||||
| 3716 | (part of SSL_OP _ALL). Th is option used to di sable the | |||||
| 3717 | count ermeasure against ma n-in-the-m iddle prot ocol-versi on | |||||
| 3718 | rollb ack in the SSL 2.0 s erver impl ementation , which is a bad | |||||
| 3719 | idea. (CVE-200 5-2969) | |||||
| 3720 | ||||||
| 3721 | [Bodo Moeller; problem po inted out by Yutaka Oiwa (Rese arch Cente r | |||||
| 3722 | for I nformation Security, National Institute of Advance d Industri al | |||||
| 3723 | Scien ce and Tec hnology [A IST], Japa n)] | |||||
| 3724 | 825 | |||||
| 3725 | *) Minimal support for X9.31 signatures and PSS padding modes. This is | 826 | *) Minimal support for X9.31 signatures and PSS padding modes. This is |
| 3726 |    mainly for FIPS compliance and not fully integrated at this stage. | 827 |    mainly for FIPS compliance and not fully integrated at this stage. |
| 3727 |    [Steve Henson] | 828 |    [Steve Henson] |
| 3728 | | 829 | |
| 3729 | *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform | 830 | *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform |
| 3730 |    the exponentiation using a fixed-length exponent. (Otherwise, | 831 |    the exponentiation using a fixed-length exponent. (Otherwise, |
| 3731 |    the information leaked through timing could expose the secret key | 832 |    the information leaked through timing could expose the secret key |
| 3732 |    after many signatures; cf. Bleichenbacher's attack on DSA with | 833 |    after many signatures; cf. Bleichenbacher's attack on DSA with |
| 3733 |    biased k.) | 834 |    biased k.) |
| 3734 |    [Bodo Moeller] | 835 |    [Bodo Moeller] |
| 3735 | | 836 | |
| 3736 | *) Make a new fixed-window mod_exp implementation the default for | 837 | *) Make a new fixed-window mod_exp implementation the default for |
| 3737 |    RSA, DSA, and DH private-key operations so that the sequence of | 838 |    RSA, DSA, and DH private-key operations so that the sequence of |
| 3738 |    squares and multiplies and the memory access pattern are | 839 |    squares and multiplies and the memory access pattern are |
| 3739 |    independent of the particular secret key. This will mitigate | 840 |    independent of the particular secret key. This will mitigate |
| 3740 |    cache-timing and potential related attacks. | 841 |    cache-timing and potential related attacks. |
| 3741 | | 842 | |
| 3742 |    BN_mod_exp_mont_consttime() is the new exponentiation implementation, | 843 |    BN_mod_exp_mont_consttime() is the new exponentiation implementation, |
| 3743 |    and this is automatically used by BN_mod_exp_mont() if the new flag | 844 |    and this is automatically used by BN_mod_exp_mont() if the new flag |
| 3744 |    BN_FLG_EXP_CONSTTIME is set for the exponent. RSA, DSA, and DH | 845 |    BN_FLG_EXP_CONSTTIME is set for the exponent. RSA, DSA, and DH |
| 3745 |    will use this BN flag for private exponents unless the flag | 846 |    will use this BN flag for private exponents unless the flag |
| 3746 |    RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or | 847 |    RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or |
| 3747 |    DH_FLAG_NO_EXP_CONSTTIME, respectively, is set. | 848 |    DH_FLAG_NO_EXP_CONSTTIME, respectively, is set. |
| 3748 | | 849 | |
| 3749 |    [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller] | 850 |    [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller] |
| 3750 | | 851 | |
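A compact illustration of the two ideas in the DSA and fixed-window entries above, written for this page as an added example rather than taken from OpenSSL's BN code. It works on 64-bit moduli with a 128-bit intermediate (the GCC/Clang `unsigned __int128` extension) instead of BIGNUMs; the 4-bit window, the `ebits` parameter and the operation counters are choices made here, not OpenSSL parameters. The naive routine's multiply count and loop length follow the exponent; the fixed-window routine does the same number of squarings and multiplies for every exponent of the declared length and touches every table entry on each lookup, which is what keeps the square/multiply sequence and the memory access pattern independent of the key. Fixing `ebits` from the group size rather than from the exponent's own length is the DSA entry's "fixed-length exponent".

```c
/* Added example, not OpenSSL code: why a fixed-window exponentiation over a
 * fixed number of exponent bits hides the key from timing and cache probes.
 * Uses 64-bit moduli with a 128-bit intermediate (GCC/Clang extension)
 * instead of BIGNUMs; the counters are there to make the work visible. */
#include <stdint.h>
#include <stdio.h>

typedef struct { unsigned squares, multiplies, table_reads; } opcount;

static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m)
{
    return (uint64_t)(((unsigned __int128)a * b) % m);
}

/* Classic square-and-multiply: multiplies only on set bits and stops at the
 * top set bit, so both the work done and the loop length follow e. */
uint64_t modexp_naive(uint64_t g, uint64_t e, uint64_t m, opcount *c)
{
    uint64_t r = 1 % m;
    g %= m;
    while (e) {
        if (e & 1) { r = mulmod(r, g, m); c->multiplies++; }
        e >>= 1;
        if (e) { g = mulmod(g, g, m); c->squares++; }
    }
    return r;
}

/* Constant-time table read: touch every entry and keep the wanted one with a
 * mask, so the cache sees the same accesses whatever idx is. */
static uint64_t ct_select(const uint64_t *t, unsigned n, unsigned idx, opcount *c)
{
    uint64_t r = 0;
    for (unsigned i = 0; i < n; i++) {
        uint64_t mask = -(uint64_t)(i == idx);      /* all ones iff i == idx */
        r |= t[i] & mask;
        c->table_reads++;
    }
    return r;
}

#define WBITS 4
#define WSIZE (1u << WBITS)

/* Fixed-window exponentiation over exactly ebits exponent bits (ebits <= 64).
 * ebits comes from the modulus or group order, not from the value of e: that
 * is the "fixed-length exponent" of the DSA entry. Every window costs WBITS
 * squarings plus one multiply, even when the window value is 0. */
uint64_t modexp_fixed_window(uint64_t g, uint64_t e, uint64_t m,
                             unsigned ebits, opcount *c)
{
    uint64_t table[WSIZE];
    uint64_t r = 1 % m;
    unsigned nwin = (ebits + WBITS - 1) / WBITS;

    g %= m;
    table[0] = 1 % m;
    for (unsigned i = 1; i < WSIZE; i++)
        table[i] = mulmod(table[i - 1], g, m);

    for (unsigned w = nwin; w-- > 0;) {
        for (unsigned s = 0; s < WBITS; s++) { r = mulmod(r, r, m); c->squares++; }
        unsigned idx = (unsigned)((e >> (w * WBITS)) & (WSIZE - 1));
        r = mulmod(r, ct_select(table, WSIZE, idx, c), m);
        c->multiplies++;
    }
    return r;
}

int main(void)
{
    const uint64_t m = 1000000007ull;            /* a 30-bit prime */
    uint64_t exps[2] = { 3, 0xDEADBEEFull };     /* sparse vs dense exponent */
    for (int i = 0; i < 2; i++) {
        opcount a = {0, 0, 0}, b = {0, 0, 0};
        uint64_t x = modexp_naive(7, exps[i], m, &a);
        uint64_t y = modexp_fixed_window(7, exps[i], m, 32, &b);
        printf("e=%#llx result %llu (match %d) naive: %u sq %u mul | fixed: %u sq %u mul %u reads\n",
               (unsigned long long)exps[i], (unsigned long long)x, x == y,
               a.squares, a.multiplies, b.squares, b.multiplies, b.table_reads);
    }
    return 0;
}
```

Running it shows the naive counts changing with the exponent while the fixed-window counts (32 squarings, 8 multiplies, 128 table reads for a 32-bit exponent) stay the same. OpenSSL's BN_mod_exp_mont_consttime() takes the masked-lookup idea further by laying the precomputed table out so that every lookup touches every cache line rather than just every entry.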
| 3751 | *) Change the client implementation for SSLv23_method() and | 852 | *) Change the client implementation for SSLv23_method() and |
| 3752 |    SSLv23_client_method() so that it uses the SSL 3.0/TLS 1.0 | 853 |    SSLv23_client_method() so that it uses the SSL 3.0/TLS 1.0 |
| 3753 |    Client Hello message format if the SSL_OP_NO_SSLv2 option is set. | 854 |    Client Hello message format if the SSL_OP_NO_SSLv2 option is set. |
| 3754 |    (Previously, the SSL 2.0 backwards compatible Client Hello | 855 |    (Previously, the SSL 2.0 backwards compatible Client Hello |
| 3755 |    message format would be used even with SSL_OP_NO_SSLv2.) | 856 |    message format would be used even with SSL_OP_NO_SSLv2.) |
| 3756 |    [Bodo Moeller] | 857 |    [Bodo Moeller] |
| 3757 | | 858 | |
| 3758 | *) Add support for smime-type MIME parameter in S/MIME messages which some | 859 | *) Add support for smime-type MIME parameter in S/MIME messages which some |
| 3759 |    clients need. | 860 |    clients need. |
| 3760 |    [Steve Henson] | 861 |    [Steve Henson] |
| 3761 | | 862 | |
| 3762 | *) New function BN_MONT_CTX_set_locked() to set Montgomery parameters in | 863 | *) New function BN_MONT_CTX_set_locked() to set Montgomery parameters in |
| 3763 |    a threadsafe manner. Modify rsa code to use new function and add calls | 864 |    a threadsafe manner. Modify rsa code to use new function and add calls |
| 3764 |    to dsa and dh code (which had race conditions before). | 865 |    to dsa and dh code (which had race conditions before). |
| 3765 |    [Steve Henson] | 866 |    [Steve Henson] |
| 3766 | | 867 | |
| 3767 | *) Include the fixed error library code in the C error file definitions | 868 | *) Include the fixed error library code in the C error file definitions |
| 3768 |    instead of fixing them up at runtime. This keeps the error code | 869 |    instead of fixing them up at runtime. This keeps the error code |
| 3769 |    structures constant. | 870 |    structures constant. |
| 3770 |    [Steve Henson] | 871 |    [Steve Henson] |
| 3771 | | 872 | |
| 3772 | Changes between 0.9.7f and 0.9.7g [11 Apr 2005] | 873 | Changes between 0.9.7f and 0.9.7g [11 Apr 2005] |
| 3773 | | 874 | |
| 3774 | [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after | | |
| 3775 | OpenSSL 0.9.8.] | | |
| 3776 | | | |
| 3777 | *) Fixes for newer Kerberos headers. NB: the casts are needed because | 875 | *) Fixes for newer Kerberos headers. NB: the casts are needed because |
| 3778 |    the 'length' field is signed on one version and unsigned on another | 876 |    the 'length' field is signed on one version and unsigned on another |
| 3779 |    with no (?) obvious way to tell the difference; without the casts VC++ | 877 |    with no (?) obvious way to tell the difference; without the casts VC++ |
| 3780 |    complains. Also the "definition" of FAR (blank) is no longer included | 878 |    complains. Also the "definition" of FAR (blank) is no longer included |
| 3781 |    nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up | 879 |    nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up |
| 3782 |    some needed definitions. | 880 |    some needed definitions. |
| 3783 |    [Steve Henson] | 881 |    [Steve Henson] |
| 3784 | | 882 | |
| 3785 | *) Undo Cygwin change. | 883 | *) Undo Cygwin change. |
| 3786 |    [Ulf Möller] | 884 |    [Ulf Möller] |
| 3787 | | 885 | |
| 3788 | *) Added support for proxy certificates according to RFC 3820. | 886 | *) Added support for proxy certificates according to RFC 3820. |
| 3789 |    Because they may be a security threat to unaware applications, | 887 |    Because they may be a security threat to unaware applications, |
| 3790 |    they must be explicitly allowed at run time. See | 888 |    they must be explicitly allowed at run time. See |
| 3791 |    docs/HOWTO/proxy_certificates.txt for further information. | 889 |    docs/HOWTO/proxy_certificates.txt for further information. |
| 3792 |    [Richard Levitte] | 890 |    [Richard Levitte] |
| 3793 | | 891 | |
| 3794 | Changes between 0.9.7e and 0.9.7f [22 Mar 2005] | 892 | Changes between 0.9.7e and 0.9.7f [22 Mar 2005] |
| 3795 | | 893 | |
| 3796 | *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating | 894 | *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating |
| 3797 |    server and client random values. Previously | 895 |    server and client random values. Previously |
| 3798 |    (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in | 896 |    (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in |
| 3799 |    less random data when sizeof(time_t) > 4 (some 64 bit platforms). | 897 |    less random data when sizeof(time_t) > 4 (some 64 bit platforms). |
| 3800 | | 898 | |
| 3801 |    This change has negligible security impact because: | 899 |    This change has negligible security impact because: |
| 3802 | | 900 | |
| 3803 |    1. Server and client random values still have 24 bytes of pseudo random | 901 |    1. Server and client random values still have 24 bytes of pseudo random |
| 3804 |       data. | 902 |       data. |
| 3805 | | 903 | |
| 3806 |    2. Server and client random values are sent in the clear in the initial | 904 |    2. Server and client random values are sent in the clear in the initial |
| 3807 |       handshake. | 905 |       handshake. |
| 3808 | | 906 | |
| 3809 |    3. The master secret is derived using the premaster secret (48 bytes in | 907 |    3. The master secret is derived using the premaster secret (48 bytes in |
| 3810 |       size for static RSA ciphersuites) as well as client and server random | 908 |       size for static RSA ciphersuites) as well as client and server random |
| 3811 |       values. | 909 |       values. |
| 3812 | | 910 | |
| 3813 |    The OpenSSL team would like to thank the UK NISCC for bringing this issue | 911 |    The OpenSSL team would like to thank the UK NISCC for bringing this issue |
| 3814 |    to our attention. | 912 |    to our attention. |
| 3815 | | 913 | |
| 3816 |    [Stephen Henson, reported by UK NISCC] | 914 |    [Stephen Henson, reported by UK NISCC] |
| 3817 | | 915 | |
| 3818 | *) Use Windows randomness collection on Cygwin. | 916 | *) Use Windows randomness collection on Cygwin. |
| 3819 |    [Ulf Möller] | 917 |    [Ulf Möller] |
| 3820 | | 918 | |
| 3821 | *) Fix hang in EGD/PRNGD query when communication socket is closed | 919 | *) Fix hang in EGD/PRNGD query when communication socket is closed |
| 3822 |    prematurely by EGD/PRNGD. | 920 |    prematurely by EGD/PRNGD. |
| 3823 |    [Darren Tucker <dtucker@zip.com.au> via Lutz Jänicke, resolves #1014] | 921 |    [Darren Tucker <dtucker@zip.com.au> via Lutz Jänicke, resolves #1014] |
| 3824 | | 922 | |
| 3825 | *) Prompt for pass phrases when appropriate for PKCS12 input format. | 923 | *) Prompt for pass phrases when appropriate for PKCS12 input format. |
| 3826 |    [Steve Henson] | 924 |    [Steve Henson] |
| 3827 | | 925 | |
| 3828 | *) Back-port of selected performance improvements from development | 926 | *) Back-port of selected performance improvements from development |
| 3829 |    branch, as well as improved support for PowerPC platforms. | 927 |    branch, as well as improved support for PowerPC platforms. |
| 3830 |    [Andy Polyakov] | 928 |    [Andy Polyakov] |
| 3831 | | 929 | |
| 3832 | *) Add lots of checks for memory allocation failure, error codes to indicate | 930 | *) Add lots of checks for memory allocation failure, error codes to indicate |
| 3833 |    failure and freeing up memory if a failure occurs. | 931 |    failure and freeing up memory if a failure occurs. |
| 3834 |    [Nauticus Networks SSL Team <openssl@nauticusnet.com>, Steve Henson] | 932 |    [Nauticus Networks SSL Team <openssl@nauticusnet.com>, Steve Henson] |
| 3835 | | 933 | |
| 3836 | *) Add new -passin argument to dgst. | 934 | *) Add new -passin argument to dgst. |
| 3837 |    [Steve Henson] | 935 |    [Steve Henson] |
| 3838 | | 936 | |
| 3839 | *) Perform some character comparisons of different types in X509_NAME_cmp: | 937 | *) Perform some character comparisons of different types in X509_NAME_cmp: |
| 3840 |    this is needed for some certificates that reencode DNs into UTF8Strings | 938 |    this is needed for some certificates that reencode DNs into UTF8Strings |
| 3841 |    (in violation of RFC3280) and can't or won't issue name rollover | 939 |    (in violation of RFC3280) and can't or won't issue name rollover |
| 3842 |    certificates. | 940 |    certificates. |
| 3843 |    [Steve Henson] | 941 |    [Steve Henson] |
| 3844 | | 942 | |
| 3845 | *) Make an explicit check during certificate validation to see that | 943 | *) Make an explicit check during certificate validation to see that |
| 3846 |    the CA setting in each certificate on the chain is correct. As a | 944 |    the CA setting in each certificate on the chain is correct. As a |
| 3847 |    side effect always do the following basic checks on extensions, | 945 |    side effect always do the following basic checks on extensions, |
| 3848 |    not just when there's an associated purpose to the check: | 946 |    not just when there's an associated purpose to the check: |
| 3849 | | 947 | |
| 3850 |    - if there is an unhandled critical extension (unless the user | 948 |    - if there is an unhandled critical extension (unless the user |
| 3851 |      has chosen to ignore this fault) | 949 |      has chosen to ignore this fault) |
| 3852 |    - if the path length has been exceeded (if one is set at all) | 950 |    - if the path length has been exceeded (if one is set at all) |
| 3853 |    - that certain extensions fit the associated purpose (if one has | 951 |    - that certain extensions fit the associated purpose (if one has |
| 3854 |      been given) | 952 |      been given) |
| 3855 |    [Richard Levitte] | 953 |    [Richard Levitte] |
| 3856 | | 954 | |
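An added example (not OpenSSL's x509_vfy.c) of the chain-level checks listed in that entry, run over a constructed in-memory chain. The struct, flag and error names are chosen here and are not the library's, and "purpose" is reduced to a per-certificate bitmask; the point is the order and unconditional nature of the checks: the CA flag of every issuer, the critical-extension and path-length checks regardless of whether a purpose was given, and the purpose check only when one was.

```c
/* Added example, not OpenSSL's x509_vfy.c: the chain-level checks listed
 * above, over a constructed in-memory chain. Names and the purpose bitmask
 * are simplifications chosen for this page. */
#include <stddef.h>

enum {
    V_OK = 0,
    V_ERR_INVALID_CA,                   /* an issuer is not marked cA */
    V_ERR_PATH_LENGTH_EXCEEDED,         /* too many intermediates below a CA */
    V_ERR_UNHANDLED_CRITICAL_EXTENSION, /* critical extension we can't process */
    V_ERR_INVALID_PURPOSE               /* extensions don't fit the purpose */
};

#define V_FLAG_IGNORE_CRITICAL 0x01     /* "user has chosen to ignore this fault" */

typedef struct {
    int is_ca;              /* basicConstraints cA */
    int pathlen;            /* pathLenConstraint, -1 if absent */
    int self_issued;        /* self-issued intermediates don't count toward pathlen */
    int unhandled_critical; /* carries a critical extension the verifier can't interpret */
    int purpose_mask;       /* purposes this cert's extensions (keyUsage, EKU) allow */
} cert_t;

/* chain[0] is the end-entity certificate, chain[n-1] the trust anchor.
 * purpose == 0 means "no purpose given"; the other checks run anyway.
 * On failure *bad_index names the offending certificate. */
int verify_chain(const cert_t *chain, size_t n, unsigned flags, int purpose,
                 size_t *bad_index)
{
    for (size_t i = 0; i < n; i++) {
        if (bad_index)
            *bad_index = i;
        if (chain[i].unhandled_critical && !(flags & V_FLAG_IGNORE_CRITICAL))
            return V_ERR_UNHANDLED_CRITICAL_EXTENSION;
        if (i > 0) {                                    /* every issuer must be a CA */
            if (!chain[i].is_ca)
                return V_ERR_INVALID_CA;
            if (chain[i].pathlen >= 0) {                /* count non-self-issued CAs below it */
                int below = 0;
                for (size_t j = 1; j < i; j++)
                    if (!chain[j].self_issued)
                        below++;
                if (below > chain[i].pathlen)
                    return V_ERR_PATH_LENGTH_EXCEEDED;
            }
        }
        if (purpose && !(chain[i].purpose_mask & purpose))
            return V_ERR_INVALID_PURPOSE;
    }
    return V_OK;
}
```

The path-length rule follows RFC 3280: a CA's pathLenConstraint bounds the number of non-self-issued intermediate CA certificates that may follow it toward the leaf, so a root with pathlen 0 rejects a chain with two intermediates but accepts one where the second intermediate is self-issued.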
| 3857 | Changes between 0.9.7d and 0.9.7e [25 Oct 2004] | 955 | Changes between 0.9.7d and 0.9.7e [25 Oct 2004] |
| 3858 | | 956 | |
| 3859 | *) Avoid a race condition when CRLs are checked in a multithreaded | 957 | *) Avoid a race condition when CRLs are checked in a multithreaded |
| 3860 |    environment. This would happen due to the reordering of the revoked | 958 |    environment. This would happen due to the reordering of the revoked |
| 3861 |    entries during signature checking and serial number lookup. Now the | 959 |    entries during signature checking and serial number lookup. Now the |
| 3862 |    encoding is cached and the serial number sort performed under a lock. | 960 |    encoding is cached and the serial number sort performed under a lock. |
| 3863 |    Add new STACK function sk_is_sorted(). | 961 |    Add new STACK function sk_is_sorted(). |
| 3864 |    [Steve Henson] | 962 |    [Steve Henson] |
| 3865 | | 963 | |
| 3866 | *) Add Delta CRL to the extension code. | 964 | *) Add Delta CRL to the extension code. |
| 3867 |    [Steve Henson] | 965 |    [Steve Henson] |
| 3868 | | 966 | |
| 3869 | *) Various fixes to s3_pkt.c so alerts are sent properly. | 967 | *) Various fixes to s3_pkt.c so alerts are sent properly. |
| 3870 |    [David Holmes <d.holmes@f5.com>] | 968 |    [David Holmes <d.holmes@f5.com>] |
| 3871 | | 969 | |
| 3872 | *) Reduce the chances of duplicate issuer name and serial numbers (in | 970 | *) Reduce the chances of duplicate issuer name and serial numbers (in |
| 3873 |    violation of RFC3280) using the OpenSSL certificate creation utilities. | 971 |    violation of RFC3280) using the OpenSSL certificate creation utilities. |
| 3874 |    This is done by creating a random 64 bit value for the initial serial | 972 |    This is done by creating a random 64 bit value for the initial serial |
| 3875 |    number when a serial number file is created or when a self signed | 973 |    number when a serial number file is created or when a self signed |
| 3876 |    certificate is created using 'openssl req -x509'. The initial serial | 974 |    certificate is created using 'openssl req -x509'. The initial serial |
| 3877 |    number file is created using 'openssl x509 -next_serial' in CA.pl | 975 |    number file is created using 'openssl x509 -next_serial' in CA.pl |
| 3878 |    rather than being initialized to 1. | 976 |    rather than being initialized to 1. |
| 3879 |    [Steve Henson] | 977 |    [Steve Henson] |
| 3880 | | 978 | |
| 3881 | Changes between 0.9.7c and 0.9.7d [17 Mar 2004] | 979 | Changes between 0.9.7c and 0.9.7d [17 Mar 2004] |
| 3882 | | 980 | |
| 3883 | *) Fix null-pointer assignment in do_change_cipher_spec() revealed | 981 | *) Fix null-pointer assignment in do_change_cipher_spec() revealed |
| 3884 |    by using the Codenomicon TLS Test Tool (CVE-2004-0079) | 982 |    by using the Codenomicon TLS Test Tool (CAN-2004-0079) |
| 3885 |    [Joe Orton, Steve Henson] | 983 |    [Joe Orton, Steve Henson] |
| 3886 | | 984 | |
| 3887 | *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites | 985 | *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites |
| 3888 |    (CVE-2004-0112) | 986 |    (CAN-2004-0112) |
| 3889 |    [Joe Orton, Steve Henson] | 987 |    [Joe Orton, Steve Henson] |
| 3890 | | 988 | |
| 3891 | *) Make it possible to have multiple active certificates with the same | 989 | *) Make it possible to have multiple active certificates with the same |
| 3892 |    subject in the CA index file. This is done only if the keyword | 990 |    subject in the CA index file. This is done only if the keyword |
| 3893 |    'unique_subject' is set to 'no' in the main CA section (default | 991 |    'unique_subject' is set to 'no' in the main CA section (default |
| 3894 |    if 'CA_default') of the configuration file. The value is saved | 992 |    if 'CA_default') of the configuration file. The value is saved |
| 3895 |    with the database itself in a separate index attribute file, | 993 |    with the database itself in a separate index attribute file, |
| 3896 |    named like the index file with '.attr' appended to the name. | 994 |    named like the index file with '.attr' appended to the name. |
| 3897 |    [Richard Levitte] | 995 |    [Richard Levitte] |
| 3898 | | 996 | |
| 3899 | *) X509 verify fixes. Disable broken certificate workarounds when | 997 | *) X509 verify fixes. Disable broken certificate workarounds when |
| 3900 |    X509_V_FLAG_X509_STRICT is set. Check CRL issuer has cRLSign set if | 998 |    X509_V_FLAG_X509_STRICT is set. Check CRL issuer has cRLSign set if |
| 3901 |    keyUsage extension present. Don't accept CRLs with unhandled critical | 999 |    keyUsage extension present. Don't accept CRLs with unhandled critical |
| 3902 |    extensions: since verify currently doesn't process CRL extensions this | 1000 |    extensions: since verify currently doesn't process CRL extensions this |
| 3903 |    rejects a CRL with *any* critical extensions. Add new verify error codes | 1001 |    rejects a CRL with *any* critical extensions. Add new verify error codes |
| 3904 |    for these cases. | 1002 |    for these cases. |
| 3905 |    [Steve Henson] | 1003 |    [Steve Henson] |
| 3906 | | 1004 | |
| 3907 | *) When creating an OCSP nonce use an OCTET STRING inside the extnValue. | 1005 | *) When creating an OCSP nonce use an OCTET STRING inside the extnValue. |
| 3908 |    A clarification of RFC2560 will require the use of OCTET STRINGs and | 1006 |    A clarification of RFC2560 will require the use of OCTET STRINGs and |
| 3909 |    some implementations cannot handle the current raw format. Since OpenSSL | 1007 |    some implementations cannot handle the current raw format. Since OpenSSL |
| 3910 |    copies and compares OCSP nonces as opaque blobs without any attempt at | 1008 |    copies and compares OCSP nonces as opaque blobs without any attempt at |
| 3911 |    parsing them this should not create any compatibility issues. | 1009 |    parsing them this should not create any compatibility issues. |
| 3912 |    [Steve Henson] | 1010 |    [Steve Henson] |
| 3913 | | 1011 | |
| 3914 | *) New md flag EVP_MD_CTX_FLAG_REUSE: this allows md_data to be reused when | 1012 | *) New md flag EVP_MD_CTX_FLAG_REUSE: this allows md_data to be reused when |
| 3915 |    calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without | 1013 |    calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without |
| 3916 |    this HMAC (and other) operations are several times slower than OpenSSL | 1014 |    this HMAC (and other) operations are several times slower than OpenSSL |
| 3917 |    < 0.9.7. | 1015 |    < 0.9.7. |
| 3918 |    [Steve Henson] | 1016 |    [Steve Henson] |
| 3919 | | 1017 | |
| 3920 | *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex(). | 1018 | *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex(). |
| 3921 |    [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>] | 1019 |    [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>] |
| 3922 | | 1020 | |
| 3923 | *) Use the correct content when signing type "other". | 1021 | *) Use the correct content when signing type "other". |
| 3924 |    [Steve Henson] | 1022 |    [Steve Henson] |
| 3925 | | 1023 | |
| 3926 | Changes between 0.9.7b and 0.9.7c [30 Sep 2003] | 1024 | Changes between 0.9.7b and 0.9.7c [30 Sep 2003] |
| 3927 | | 1025 | |
| 3928 | *) Fix various bugs revealed by running the NISCC test suite: | 1026 | *) Fix various bugs revealed by running the NISCC test suite: |
| 3929 | | 1027 | |
| 3930 |    Stop out of bounds reads in the ASN1 code when presented with | 1028 |    Stop out of bounds reads in the ASN1 code when presented with |
| 3931 |    invalid tags (CVE-2003-0543 and CVE-2003-0544). | 1029 |    invalid tags (CAN-2003-0543 and CAN-2003-0544). |
| 3932 | | 1030 | |
| 3933 |    Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545). | 1031 |    Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545). |
| 3934 | | 1032 | |
| 3935 |    If verify callback ignores invalid public key errors, don't try to check | 1033 |    If verify callback ignores invalid public key errors, don't try to check |
| 3936 |    certificate signature with the NULL public key. | 1034 |    certificate signature with the NULL public key. |
| 3937 | | 1035 | |
| 3938 |    [Steve Henson] | 1036 |    [Steve Henson] |
| 3939 | | 1037 | |
| 3940 | *) New -ignore_err option in ocsp application to stop the server | 1038 | *) New -ignore_err option in ocsp application to stop the server |
| 3941 |    exiting on the first error in a request. | 1039 |    exiting on the first error in a request. |
| 3942 |    [Steve Henson] | 1040 |    [Steve Henson] |
| 3943 | | 1041 | |
| 3944 | *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate | 1042 | *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate |
| 3945 |    if the server requested one: as stated in TLS 1.0 and SSL 3.0 | 1043 |    if the server requested one: as stated in TLS 1.0 and SSL 3.0 |
| 3946 |    specifications. | 1044 |    specifications. |
| 3947 |    [Steve Henson] | 1045 |    [Steve Henson] |
| 3948 | | 1046 | |
| 3949 | *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional | 1047 | *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional |
| 3950 |    extra data after the compression methods not only for TLS 1.0 | 1048 |    extra data after the compression methods not only for TLS 1.0 |
| 3951 |    but also for SSL 3.0 (as required by the specification). | 1049 |    but also for SSL 3.0 (as required by the specification). |
| 3952 |    [Bodo Moeller; problem pointed out by Matthias Loepfe] | 1050 |    [Bodo Moeller; problem pointed out by Matthias Loepfe] |
| 3953 | | 1051 | |
| 3954 | *) Change X509_certificate_type() to mark the key as exported/exportable | 1052 | *) Change X509_certificate_type() to mark the key as exported/exportable |
| 3955 |    when it's 512 *bits* long, not 512 bytes. | 1053 |    when it's 512 *bits* long, not 512 bytes. |
| 3956 |    [Richard Levitte] | 1054 |    [Richard Levitte] |
| 3957 | | 1055 | |
| 3958 | *) Change AES_cbc_encrypt() so it outputs an exact multiple of | 1056 | *) Change AES_cbc_encrypt() so it outputs an exact multiple of |
| 3959 |    blocks during encryption. | 1057 |    blocks during encryption. |
| 3960 |    [Richard Levitte] | 1058 |    [Richard Levitte] |
| 3961 | | 1059 | |
| 3962 | *) Various fixes to base64 BIO and non-blocking I/O. On write | 1060 | *) Various fixes to base64 BIO and non-blocking I/O. On write |
| 3963 |    flushes were not handled properly if the BIO retried. On read | 1061 |    flushes were not handled properly if the BIO retried. On read |
| 3964 |    data was not being buffered properly and had various logic bugs. | 1062 |    data was not being buffered properly and had various logic bugs. |
| 3965 |    This also affects blocking I/O when the data being decoded is a | 1063 |    This also affects blocking I/O when the data being decoded is a |
| 3966 |    certain size. | 1064 |    certain size. |
| 3967 |    [Steve Henson] | 1065 |    [Steve Henson] |
| 3968 | | 1066 | |
| 3969 | *) Various S/MIME bugfixes and compatibility changes: | 1067 | *) Various S/MIME bugfixes and compatibility changes: |
| 3970 |    output correct application/pkcs7 MIME type if | 1068 |    output correct application/pkcs7 MIME type if |
| 3971 |    PKCS7_NOOLDMIMETYPE is set. Tolerate some broken signatures. | 1069 |    PKCS7_NOOLDMIMETYPE is set. Tolerate some broken signatures. |
| 3972 |    Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening | 1070 |    Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening |
| 3973 |    of files as .eml work). Correctly handle very long lines in MIME | 1071 |    of files as .eml work). Correctly handle very long lines in MIME |
| 3974 |    parser. | 1072 |    parser. |
| 3975 |    [Steve Henson] | 1073 |    [Steve Henson] |
| 3976 | | 1074 | |
| 3977 | Changes between 0.9.7a and 0.9.7b [10 Apr 2003] | 1075 | Changes between 0.9.7a and 0.9.7b [10 Apr 2003] |
| 3978 | | 1076 | |
| 3979 | *) Countermeasure against the Klima-Pokorny-Rosa extension of | 1077 | *) Countermeasure against the Klima-Pokorny-Rosa extension of |
| 3980 |    Bleichenbacher's attack on PKCS #1 v1.5 padding: treat | 1078 |    Bleichenbacher's attack on PKCS #1 v1.5 padding: treat |
| 3981 |    a protocol version number mismatch like a decryption error | 1079 |    a protocol version number mismatch like a decryption error |
| 3982 |    in ssl3_get_client_key_exchange (ssl/s3_srvr.c). | 1080 |    in ssl3_get_client_key_exchange (ssl/s3_srvr.c). |
| 3983 |    [Bodo Moeller] | 1081 |    [Bodo Moeller] |
| 3984 | | 1082 | |
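To make that countermeasure concrete, here is an added example (not OpenSSL's s3_srvr.c) of the server-side check that runs on the RSA-decrypted ClientKeyExchange block. The RSA decryption itself is assumed to have happened already; `build_em` constructs a sample encoded block for a 1024-bit key, and `fallback_pms` stands for the 48 random bytes the server is assumed to have drawn from a seeded CSPRNG. `cke_leaky` reports bad padding and a version mismatch with different results, which is the two-way oracle the attack needs; `cke_hardened` folds both into the same silent substitution of the random premaster secret, so the handshake continues and fails later at Finished in a way the attacker cannot tell apart.

```c
/* Added example, not OpenSSL code: server-side handling of the RSA
 * ClientKeyExchange after RSA decryption, showing why a version mismatch
 * must be handled exactly like bad PKCS#1 padding. */
#include <stdint.h>
#include <string.h>

#define PMS_LEN 48

/* PKCS#1 v1.5 type-2 unpadding: 00 02 <PS, >= 8 nonzero bytes> 00 <M>.
 * Returns the length of M copied to out, or -1 if the structure is wrong. */
static int pkcs1_v15_unpad(const uint8_t *em, size_t emlen,
                           uint8_t *out, size_t outmax)
{
    size_t i;
    if (emlen < 11 || em[0] != 0x00 || em[1] != 0x02)
        return -1;
    for (i = 2; i < emlen && em[i] != 0x00; i++)
        ;
    if (i == emlen || i < 10)           /* no separator, or PS shorter than 8 */
        return -1;
    i++;                                /* skip the 0x00 separator */
    if (emlen - i > outmax)
        return -1;
    memcpy(out, em + i, emlen - i);
    return (int)(emlen - i);
}

/* Pre-0.9.7b shape of the check: bad padding and bad version are reported
 * differently and the caller aborts the handshake on either. The two
 * distinguishable outcomes are the oracle Klima, Pokorny and Rosa exploit. */
int cke_leaky(const uint8_t *em, size_t emlen, uint16_t client_version,
              uint8_t pms[PMS_LEN])
{
    int n = pkcs1_v15_unpad(em, emlen, pms, PMS_LEN);
    if (n != PMS_LEN)
        return -1;                                  /* "decrypt error" */
    if (((pms[0] << 8) | pms[1]) != client_version)
        return -2;                                  /* "bad version" */
    return 0;
}

/* Countermeasure: every failure collapses into the same observable
 * behaviour. The premaster secret is replaced by fallback_pms (assumed to be
 * 48 fresh bytes from a seeded CSPRNG) and the handshake continues; it then
 * fails at Finished whatever went wrong, so nothing about the padding or the
 * version field is revealed. The selection is done with a mask so that the
 * two outcomes do not even differ in control flow. */
int cke_hardened(const uint8_t *em, size_t emlen, uint16_t client_version,
                 const uint8_t fallback_pms[PMS_LEN], uint8_t pms[PMS_LEN])
{
    uint8_t tmp[PMS_LEN] = {0};
    int n = pkcs1_v15_unpad(em, emlen, tmp, PMS_LEN);
    uint16_t ver = (uint16_t)((tmp[0] << 8) | tmp[1]);
    int bad = (n != PMS_LEN) | (ver != client_version);
    uint8_t mask = (uint8_t)-(uint8_t)bad;          /* 0xff if bad, else 0x00 */
    size_t i;
    for (i = 0; i < PMS_LEN; i++)
        pms[i] = (uint8_t)((tmp[i] & ~mask) | (fallback_pms[i] & mask));
    return 0;                                       /* never signals failure */
}

/* Constructed sample input: an encoded block for a 1024-bit key (128 bytes)
 * carrying a premaster secret whose first two bytes are the given version. */
size_t build_em(uint8_t *em, size_t emlen, uint16_t version)
{
    size_t ps_len = emlen - 3 - PMS_LEN, i;
    em[0] = 0x00;
    em[1] = 0x02;
    for (i = 0; i < ps_len; i++)
        em[2 + i] = (uint8_t)(0x11 + (i % 200));   /* nonzero filler for PS */
    em[2 + ps_len] = 0x00;
    em[3 + ps_len] = (uint8_t)(version >> 8);
    em[4 + ps_len] = (uint8_t)version;
    for (i = 2; i < PMS_LEN; i++)
        em[3 + ps_len + i] = (uint8_t)(0xA0 + i);   /* the rest of the "secret" */
    return emlen;
}
```

The version field the server compares against is the one the client announced in ClientHello, which is exactly why a mismatch became an attack vector: with the old code an attacker could learn whether a forged ciphertext decrypted to a well-formed block just by watching which error came back.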
| 3985 | *) Turn on RSA blinding by default in the default implementation | 1083 | *) Turn on RSA blinding by default in the default implementation |
| 3986 |    to avoid a timing attack. Applications that don't want it can call | 1084 |    to avoid a timing attack. Applications that don't want it can call |
| 3987 |    RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING. | 1085 |    RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING. |
| 3988 |    They would be ill-advised to do so in most cases. | 1086 |    They would be ill-advised to do so in most cases. |
| 3989 |    [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller] | 1087 |    [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller] |
| 3990 | | 1088 | |
| 3991 | *) Change RSA blinding code so that it works when the PRNG is not | 1089 | *) Change RSA blinding code so that it works when the PRNG is not |
| 3992 |    seeded (in this case, the secret RSA exponent is abused as | 1090 |    seeded (in this case, the secret RSA exponent is abused as |
| 3993 |    an unpredictable seed -- if it is not unpredictable, there | 1091 |    an unpredictable seed -- if it is not unpredictable, there |
| 3994 |    is no point in blinding anyway). Make RSA blinding thread-safe | 1092 |    is no point in blinding anyway). Make RSA blinding thread-safe |
| 3995 |    by remembering the creator's thread ID in rsa->blinding and | 1093 |    by remembering the creator's thread ID in rsa->blinding and |
| 3996 |    having all other threads use local one-time blinding factors | 1094 |    having all other threads use local one-time blinding factors |
| 3997 |    (this requires more computation than sharing rsa->blinding, but | 1095 |    (this requires more computation than sharing rsa->blinding, but |
| 3998 |    avoids excessive locking; and if an RSA object is not shared | 1096 |    avoids excessive locking; and if an RSA object is not shared |
| 3999 |    between threads, blinding will still be very fast). | 1097 |    between threads, blinding will still be very fast). |
| 4000 |    [Bodo Moeller] | 1098 |    [Bodo Moeller] |
| 4001 | | 1099 | |
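The algebra behind the two blinding entries above, as an added example on a toy key (the textbook p = 61, q = 53, e = 17, d = 2753 parameters) rather than OpenSSL's BN_BLINDING code. The caller supplies the blinding factor r; OpenSSL draws it from its PRNG, which is why the remark about an unseeded PRNG matters: a predictable r gives no protection. The private exponentiation runs on c * r^e mod n, a value the attacker cannot predict, so its running time no longer correlates with the ciphertext they chose, and the result is unblinded with r^-1.

```c
/* Added example, not OpenSSL code: RSA blinding on toy-sized numbers. Uses a
 * 128-bit intermediate (GCC/Clang extension) in place of BIGNUMs. */
#include <stdint.h>

typedef struct { uint64_t n, e, d; } rsa_key;

static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m)
{
    return (uint64_t)(((unsigned __int128)a * b) % m);
}

/* Plain square-and-multiply; its running time depends on both e and the base,
 * which is the leak blinding hides from an attacker who chooses the base. */
static uint64_t powmod(uint64_t b, uint64_t e, uint64_t m)
{
    uint64_t r = 1 % m;
    b %= m;
    for (; e; e >>= 1) {
        if (e & 1)
            r = mulmod(r, b, m);
        b = mulmod(b, b, m);
    }
    return r;
}

static uint64_t gcd(uint64_t a, uint64_t b)
{
    while (b) { uint64_t t = a % b; a = b; b = t; }
    return a;
}

/* Modular inverse by the extended Euclidean algorithm; 0 if none exists. */
static uint64_t invmod(uint64_t a, uint64_t m)
{
    __int128 t = 0, nt = 1, r = m, nr = a % m, q, tmp;
    while (nr) {
        q = r / nr;
        tmp = t - q * nt; t = nt; nt = tmp;
        tmp = r - q * nr; r = nr; nr = tmp;
    }
    if (r != 1)
        return 0;
    if (t < 0)
        t += m;
    return (uint64_t)t;
}

/* Unblinded: the private exponentiation runs directly on attacker-chosen c. */
uint64_t rsa_private_plain(const rsa_key *k, uint64_t c)
{
    return powmod(c, k->d, k->n);
}

/* Blinded: r is a secret random value coprime to n (here chosen by the
 * caller; OpenSSL draws it from the PRNG). Returns 0 if r is unusable. */
uint64_t rsa_private_blinded(const rsa_key *k, uint64_t c, uint64_t r)
{
    uint64_t rinv, blinded, m;
    if (r == 0 || r >= k->n || gcd(r, k->n) != 1)
        return 0;
    rinv = invmod(r, k->n);
    blinded = mulmod(c, powmod(r, k->e, k->n), k->n);   /* c * r^e mod n        */
    m = powmod(blinded, k->d, k->n);                    /* (c * r^e)^d = m * r   */
    return mulmod(m, rinv, k->n);                       /* m * r * r^-1 = m      */
}
```

The check that r is coprime to n matters in practice only for the inverse to exist; in real deployments gcd(r, n) != 1 would mean r shares a factor with the modulus, which is a broken key rather than a bad r. The thread-safety point in the entry above is about who owns the cached r, r^-1 pair, not about this arithmetic.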
| 4002 | *) Fixed a typo bug that would cause ENGINE_set_default() to set an | 1100 | *) Fixed a typo bug that would cause ENGINE_set_default() to set an |
| 4003 |    ENGINE as defaults for all supported algorithms irrespective of | 1101 |    ENGINE as defaults for all supported algorithms irrespective of |
| 4004 |    the 'flags' parameter. 'flags' is now honoured, so applications | 1102 |    the 'flags' parameter. 'flags' is now honoured, so applications |
| 4005 |    should make sure they are passing it correctly. | 1103 |    should make sure they are passing it correctly. |
| 4006 |    [Geoff Thorpe] | 1104 |    [Geoff Thorpe] |
| 4007 | | 1105 | |
| 4008 | *) Target "mingw" now allows native Windows code to be generated in | 1106 | *) Target "mingw" now allows native Windows code to be generated in |
| 4009 |    the Cygwin environment as well as with the MinGW compiler. | 1107 |    the Cygwin environment as well as with the MinGW compiler. |
| 4010 |    [Ulf Moeller] | 1108 |    [Ulf Moeller] |
| 4011 | | 1109 | |
| 4012 | Changes between 0.9.7 and 0.9.7a [19 Feb 2003] | 1110 | Changes between 0.9.7 and 0.9.7a [19 Feb 2003] |
| 4013 | | 1111 | |
| 4014 | *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked | 1112 | *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked |
| 4015 |    via timing by performing a MAC computation even if incorrect | 1113 |    via timing by performing a MAC computation even if incorrect |
| 4016 |    block cipher padding has been found. This is a countermeasure | 1114 |    block cipher padding has been found. This is a countermeasure |
| 4017 |    against active attacks where the attacker has to distinguish | 1115 |    against active attacks where the attacker has to distinguish |
| 4018 |    between bad padding and a MAC verification error. (CVE-2003-0078) | 1116 |    between bad padding and a MAC verification error. (CAN-2003-0078) |
| 4019 | | 1117 | |
| 4020 |    [Bodo Moeller; problem pointed out by Brice Canvel (EPFL), | 1118 |    [Bodo Moeller; problem pointed out by Brice Canvel (EPFL), |
| 4021 |    Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and | 1119 |    Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and |
| 4022 |    Martin Vuagnoux (EPFL, Ilion)] | 1120 |    Martin Vuagnoux (EPFL, Ilion)] |
| 4023 | | 1121 | |
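An added example (not OpenSSL's s3_pkt.c) of the record check before and after this change. A 4-byte keyed FNV checksum stands in for HMAC and the block size is 8 bytes so the MAC work can be counted; both are assumptions for the demonstration, as is the TLS 1.0 padding rule that every padding byte equals the pad length. The leaky version returns before doing any MAC work when the padding is wrong, so response time separates "bad padding" from "bad MAC"; the hardened version MACs the record as if the pad length were 0 and reports a single generic failure.

```c
/* Added example, not OpenSSL code: the CBC record check before and after the
 * 0.9.7a countermeasure, with a toy MAC so the work done can be counted. */
#include <stdint.h>
#include <string.h>

#define MAC_LEN 4      /* toy MAC size; real TLS MACs are 16 or 20 bytes */
#define BLOCK_LEN 8    /* toy cipher block size */

typedef struct { unsigned mac_calls, mac_bytes; } work_t;

/* Stand-in for HMAC: a keyed FNV-1a checksum (assumption, not a secure MAC)
 * whose only job here is to be the work that gets counted. */
static void toy_mac(const uint8_t key[4], const uint8_t *p, size_t n,
                    uint8_t out[MAC_LEN], work_t *w)
{
    uint32_t h = 0x811c9dc5u;
    size_t i;
    for (i = 0; i < 4; i++) h = (h ^ key[i]) * 16777619u;
    for (i = 0; i < n; i++) h = (h ^ p[i]) * 16777619u;
    for (i = 0; i < MAC_LEN; i++) out[i] = (uint8_t)(h >> (8 * i));
    w->mac_calls++;
    w->mac_bytes += (unsigned)n;
}

/* TLS 1.0 CBC padding: the last byte is the pad length and every padding byte
 * must equal it. Returns the pad length, or -1 if the padding is bad. */
static int check_padding(const uint8_t *rec, size_t len)
{
    unsigned pad;
    size_t i;
    if (len < MAC_LEN + 1)
        return -1;
    pad = rec[len - 1];
    if (pad + 1 + MAC_LEN > len)
        return -1;
    for (i = 0; i <= pad; i++)
        if (rec[len - 1 - i] != pad)
            return -1;
    return (int)pad;
}

/* Pre-0.9.7a behaviour: bail out before any MAC work when the padding is bad.
 * The faster response (and originally a different alert) lets an active
 * attacker tell bad padding from a bad MAC: the oracle in the attack above. */
int verify_record_leaky(const uint8_t key[4], const uint8_t *rec, size_t len,
                        work_t *w)
{
    uint8_t mac[MAC_LEN];
    size_t dlen;
    int pad = check_padding(rec, len);
    if (pad < 0)
        return -1;                                  /* bad padding, no MAC done */
    dlen = len - (size_t)pad - 1 - MAC_LEN;
    toy_mac(key, rec, dlen, mac, w);
    return memcmp(mac, rec + dlen, MAC_LEN) == 0 ? 0 : -2;   /* bad MAC */
}

/* 0.9.7a countermeasure: on bad padding behave as if the pad length were 0,
 * still run the MAC over the record, and report one generic failure. */
int verify_record_hardened(const uint8_t key[4], const uint8_t *rec, size_t len,
                           work_t *w)
{
    uint8_t mac[MAC_LEN];
    size_t dlen;
    int pad, bad;
    if (len < MAC_LEN + 1)
        return -1;                                  /* length is public anyway */
    pad = check_padding(rec, len);
    bad = pad < 0;
    if (bad)
        pad = 0;                                    /* MAC as if unpadded */
    dlen = len - (size_t)pad - 1 - MAC_LEN;
    toy_mac(key, rec, dlen, mac, w);
    bad |= memcmp(mac, rec + dlen, MAC_LEN) != 0;
    return bad ? -1 : 0;
}

/* Constructed sample record: data || MAC(data) || padding, filled out to a
 * whole number of blocks. Returns the record length, 0 if it doesn't fit. */
size_t build_record(const uint8_t key[4], const uint8_t *data, size_t dlen,
                    uint8_t *rec, size_t recmax)
{
    work_t scratch = {0, 0};
    size_t pad = (BLOCK_LEN - (dlen + MAC_LEN + 1) % BLOCK_LEN) % BLOCK_LEN, i;
    size_t len = dlen + MAC_LEN + 1 + pad;
    if (len > recmax)
        return 0;
    memcpy(rec, data, dlen);
    toy_mac(key, data, dlen, rec + dlen, &scratch);
    for (i = 0; i <= pad; i++)
        rec[dlen + MAC_LEN + i] = (uint8_t)pad;
    return len;
}
```

Corrupting the last byte of a record makes the leaky verifier return with zero MAC calls while the hardened one still does one; corrupting a data byte makes the leaky verifier return a different code than it does for bad padding, while the hardened one returns the same code in both cases. The residual difference this leaves, that the MAC now runs over a different number of bytes depending on the padding, is small but measurable, and is what the later Lucky 13 attack on TLS CBC implementations exploited.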
| 4024 | *) Make the no-err option work as intended. The intention with no-err | 1122 | *) Make the no-err option work as intended. The intention with no-err |
| 4025 |    is not to have the whole error stack handling routines removed from | 1123 |    is not to have the whole error stack handling routines removed from |
| 4026 |    libcrypto, it's only intended to remove all the function name and | 1124 |    libcrypto, it's only intended to remove all the function name and |
| 4027 |    reason texts, thereby removing some of the footprint that may not | 1125 |    reason texts, thereby removing some of the footprint that may not |
| 4028 |    be interesting if those errors aren't displayed anyway. | 1126 |    be interesting if those errors aren't displayed anyway. |
| 4029 | | 1127 | |
| 4030 |    NOTE: it's still possible for any application or module to have its | 1128 |    NOTE: it's still possible for any application or module to have its |
| 4031 |    own set of error texts inserted. The routines are there, just not | 1129 |    own set of error texts inserted. The routines are there, just not |
| 4032 |    used by default when no-err is given. | 1130 |    used by default when no-err is given. |
| 4033 |    [Richard Levitte] | 1131 |    [Richard Levitte] |
| 4034 | | 1132 | |
| 4035 | *) Add s upport for FreeBSD o n IA64. | 1133 | *) Add s upport for FreeBSD o n IA64. | |||
| 4036 | [dirk .meyer@din oex.sub.or g via Rich ard Levitt e, resolve s #454] | 1134 | [dirk .meyer@din oex.sub.or g via Rich ard Levitt e, resolve s #454] | |||
| 4037 | 1135 | |||||
| 4038 | *) Adjus t DES_cbc_ cksum() so it return s the same value as the MIT | 1136 | *) Adjus t DES_cbc_ cksum() so it return s the same value as the MIT | |||
| 4039 | Kerbe ros functi on mit_des _cbc_cksum (). Befor e this cha nge, | 1137 | Kerbe ros functi on mit_des _cbc_cksum (). Befor e this cha nge, | |||
| 4040 | the v alue retur ned by DES _cbc_cksum () was lik e the one from | 1138 | the v alue retur ned by DES _cbc_cksum () was lik e the one from | |||
| 4041 | mit_d es_cbc_cks um(), exce pt the byt es were sw apped. | 1139 | mit_d es_cbc_cks um(), exce pt the byt es were sw apped. | |||
| 4042 | [Kevi n Greaney <Kevin.Gre aney@hp.co m> and Ric hard Levit te] | 1140 | [Kevi n Greaney <Kevin.Gre aney@hp.co m> and Ric hard Levit te] | |||
| 4043 | 1141 | |||||
| 4044 | *) Allow an applic ation to d isable the automatic SSL chain building. | 1142 | *) Allow an applic ation to d isable the automatic SSL chain building. | |||
| 4045 | Befor e this a r ather prim itive chai n build wa s always p erformed i n | 1143 | Befor e this a r ather prim itive chai n build wa s always p erformed i n | |||
| 4046 | ssl3_ output_cer t_chain(): an applic ation had no way to send the | 1144 | ssl3_ output_cer t_chain(): an applic ation had no way to send the | |||
| 4047 | corre ct chain i f the auto matic oper ation prod uced an in correct re sult. | 1145 | corre ct chain i f the auto matic oper ation prod uced an in correct re sult. | |||
| 4048 | 1146 | |||||
| 4049 | Now t he chain b uilder is disabled i f either: | 1147 | Now t he chain b uilder is disabled i f either: | |||
| 4050 | 1148 | |||||
| 4051 | 1. Ex tra certif icates are added via SSL_CTX_a dd_extra_c hain_cert( ). | 1149 | 1. Ex tra certif icates are added via SSL_CTX_a dd_extra_c hain_cert( ). | |||
| 4052 | 1150 | |||||
| 4053 | 2. Th e mode fla g SSL_MODE _NO_AUTO_C HAIN is se t. | 1151 | 2. Th e mode fla g SSL_MODE _NO_AUTO_C HAIN is se t. | |||
| 4054 | 1152 | |||||
| 4055 | The r easoning b ehind this is that a n applicat ion would not want t he | 1153 | The r easoning b ehind this is that a n applicat ion would not want t he | |||
| 4056 | auto chain buil ding to ta ke place i f extra ch ain certif icates are | 1154 | auto chain buil ding to ta ke place i f extra ch ain certif icates are | |||
| 4057 | prese nt and it might also want a me ans of sen ding no ad ditional | 1155 | prese nt and it might also want a me ans of sen ding no ad ditional | |||
| 4058 | certi ficates (f or example the chain has two c ertificate s and the | 1156 | certi ficates (f or example the chain has two c ertificate s and the | |||
| 4059 | root is omitted ). | 1157 | root is omitted ). | |||
| 4060 | [Stev e Henson] | 1158 | [Stev e Henson] | |||
| 4061 | 1159 | |||||
| 4062 | *) Add t he possibi lity to bu ild withou t the ENGI NE framewo rk. | 1160 | *) Add t he possibi lity to bu ild withou t the ENGI NE framewo rk. | |||
| 4063 | [Stev en Reddie <smr@essem er.com.au> via Richa rd Levitte ] | 1161 | [Stev en Reddie <smr@essem er.com.au> via Richa rd Levitte ] | |||
| 4064 | 1162 | |||||
| 4065 | *) Under Win32 gmt ime() can return NUL L: check r eturn valu e in | 1163 | *) Under Win32 gmt ime() can return NUL L: check r eturn valu e in | |||
| 4066 | OPENS SL_gmtime( ). Add err or code fo r case whe re gmtime( ) fails. | 1164 | OPENS SL_gmtime( ). Add err or code fo r case whe re gmtime( ) fails. | |||
| 4067 | [Stev e Henson] | 1165 | [Stev e Henson] | |||
| 4068 | 1166 | |||||
| 4069 | *) DSA r outines: u nder certa in error c onditions uninitiali zed BN obj ects | 1167 | *) DSA r outines: u nder certa in error c onditions uninitiali zed BN obj ects | |||
| 4070 | could be freed. Solution: make sure initializ ation is p erformed e arly | 1168 | could be freed. Solution: make sure initializ ation is p erformed e arly | |||
| 4071 | enoug h. (Report ed and fix supplied by Ivan D Nestlerode <nestler@ MIT.EDU>, | 1169 | enoug h. (Report ed and fix supplied by Ivan D Nestlerode <nestler@ MIT.EDU>, | |||
| 4072 | Nils Larsch <nl a@trustcen ter.de> vi a PR#459) | 1170 | Nils Larsch <nl a@trustcen ter.de> vi a PR#459) | |||
| 4073 | [Lutz Jaenicke] | 1171 | [Lutz Jaenicke] | |||
| 4074 | 1172 | |||||
| 4075 | *) Anoth er fix for SSLv2 ses sion ID ha ndling: th e session ID was inc orrectly | 1173 | *) Anoth er fix for SSLv2 ses sion ID ha ndling: th e session ID was inc orrectly | |||
| 4076 | check ed on reco nnect on t he client side, ther efore sess ion resump tion | 1174 | check ed on reco nnect on t he client side, ther efore sess ion resump tion | |||
| 4077 | could still fai l with a " ssl sessio n id is di fferent" e rror. This | 1175 | could still fai l with a " ssl sessio n id is di fferent" e rror. This | |||
| 4078 | behav iour is ma sked when SSL_OP_ALL is used d ue to | 1176 | behav iour is ma sked when SSL_OP_ALL is used d ue to | |||
| 4079 | SSL_O P_MICROSOF T_SESS_ID_ BUG being set. | 1177 | SSL_O P_MICROSOF T_SESS_ID_ BUG being set. | |||
| 4080 | Behav iour obser ved by Cri spin Flowe rday <cris pin@flower day.cx> as | 1178 | Behav iour obser ved by Cri spin Flowe rday <cris pin@flower day.cx> as | |||
| 4081 | follo wup to PR #377. | 1179 | follo wup to PR #377. | |||
| 4082 | [Lutz Jaenicke] | 1180 | [Lutz Jaenicke] | |||
| 4083 | 1181 | |||||
| 4084 | *) IA-32 assembler support e nhancement s: unified ELF targe ts, suppor t | 1182 | *) IA-32 assembler support e nhancement s: unified ELF targe ts, suppor t | |||
| 4085 | for S CO/Caldera platforms , fix for Cygwin sha red build. | 1183 | for S CO/Caldera platforms , fix for Cygwin sha red build. | |||
| 4086 | [Andy Polyakov] | 1184 | [Andy Polyakov] | |||
| 4087 | 1185 | |||||
| 4088 | *) Add s upport for FreeBSD o n sparc64. As a con sequence, support fo r | 1186 | *) Add s upport for FreeBSD o n sparc64. As a con sequence, support fo r | |||
| 4089 | FreeB SD on non- x86 proces sors is se parate fro m x86 proc essors on | 1187 | FreeB SD on non- x86 proces sors is se parate fro m x86 proc essors on | |||
| 4090 | the c onfig scri pt, much l ike the Ne tBSD suppo rt. | 1188 | the c onfig scri pt, much l ike the Ne tBSD suppo rt. | |||
| 4091 | [Rich ard Levitt e & Kris K ennaway <k ris@obsecu rity.org>] | 1189 | [Rich ard Levitt e & Kris K ennaway <k ris@obsecu rity.org>] | |||
| 4092 | 1190 | |||||
 Changes between 0.9.6h and 0.9.7 [31 Dec 2002]

 [NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
 OpenSSL 0.9.7.]

  *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
     code (06) was taken as the first octet of the session ID and the last
     octet was ignored consequently. As a result SSLv2 client side session
     caching could not have worked due to the session ID mismatch between
     client and server.
     Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
     PR #377.
     [Lutz Jaenicke]

  *) Change the declaration of needed Kerberos libraries to use EX_LIBS
     instead of the special (and badly supported) LIBKRB5.  LIBKRB5 is
     removed entirely.
     [Richard Levitte]

  *) The hw_ncipher.c engine requires dynamic locks.  Unfortunately, it
     seems that in spite of existing for more than a year, many application
     authors have done nothing to provide the necessary callbacks, which
     means that this particular engine will not work properly anywhere.
     This is a very unfortunate situation which forces us, in the name
     of usability, to give hw_ncipher.c a static lock, which is part
     of libcrypto.
     NOTE: This is for the 0.9.7 series ONLY.  This hack will never
     appear in 0.9.8 or later.  We EXPECT application authors to have
     dealt properly with this when 0.9.8 is released (unless we actually
     make such changes in the libcrypto locking code that changes will
     have to be made anyway).
     [Richard Levitte]

  *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
     octets have been read, EOF or an error occurs. Without this change
     some truncated ASN1 structures will not produce an error.
     [Steve Henson]

  *) Disable Heimdal support, since it hasn't been fully implemented.
     Still give the possibility to force the use of Heimdal, but with
     warnings and a request that patches get sent to openssl-dev.
     [Richard Levitte]

  *) Add the VC-CE target, introduce the WINCE sysname, and add
     INSTALL.WCE and appropriate conditionals to make it build.
     [Steven Reddie <smr@essemer.com.au> via Richard Levitte]

  *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and
     cygssl-x.y.z.dll, where x, y and z are the major, minor and
     edit numbers of the version.
     [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]

  *) Introduce safe string copy and catenation functions
     (BUF_strlcpy() and BUF_strlcat()).
     [Ben Laurie (CHATS) and Richard Levitte]

  *) Avoid using fixed-size buffers for one-line DNs.
     [Ben Laurie (CHATS)]

  *) Add BUF_MEM_grow_clean() to avoid information leakage when
     resizing buffers containing secrets, and use where appropriate.
     [Ben Laurie (CHATS)]

  *) Avoid using fixed size buffers for configuration file location.
     [Ben Laurie (CHATS)]

  *) Avoid filename truncation for various CA files.
     [Ben Laurie (CHATS)]

  *) Use sizeof in preference to magic numbers.
     [Ben Laurie (CHATS)]

  *) Avoid filename truncation in cert requests.
     [Ben Laurie (CHATS)]

  *) Add assertions to check for (supposedly impossible) buffer
     overflows.
     [Ben Laurie (CHATS)]

  *) Don't cache truncated DNS entries in the local cache (this could
     potentially lead to a spoofing attack).
     [Ben Laurie (CHATS)]

  *) Fix various buffers to be large enough for hex/decimal
     representations in a platform independent manner.
     [Ben Laurie (CHATS)]

  *) Add CRYPTO_realloc_clean() to avoid information leakage when
     resizing buffers containing secrets, and use where appropriate.
     [Ben Laurie (CHATS)]

  *) Add BIO_indent() to avoid much slightly worrying code to do
     indents.
     [Ben Laurie (CHATS)]

  *) Convert sprintf()/BIO_puts() to BIO_printf().
     [Ben Laurie (CHATS)]

  *) buffer_gets() could terminate with the buffer only half
     full. Fixed.
     [Ben Laurie (CHATS)]

  *) Add assertions to prevent user-supplied crypto functions from
     overflowing internal buffers by having large block sizes, etc.
     [Ben Laurie (CHATS)]

  *) New OPENSSL_assert() macro (similar to assert(), but enabled
     unconditionally).
     [Ben Laurie (CHATS)]

  *) Eliminate unused copy of key in RC4.
     [Ben Laurie (CHATS)]

  *) Eliminate unused and incorrectly sized buffers for IV in pem.h.
     [Ben Laurie (CHATS)]

  *) Fix off-by-one error in EGD path.
     [Ben Laurie (CHATS)]

  *) If RANDFILE path is too long, ignore instead of truncating.
     [Ben Laurie (CHATS)]

  *) Eliminate unused and incorrectly sized X.509 structure
     CBCParameter.
     [Ben Laurie (CHATS)]

  *) Eliminate unused and dangerous function knumber().
     [Ben Laurie (CHATS)]

  *) Eliminate unused and dangerous structure, KSSL_ERR.
     [Ben Laurie (CHATS)]

  *) Protect against overlong session ID context length in an encoded
     session object. Since these are local, this does not appear to be
     exploitable.
     [Ben Laurie (CHATS)]

  *) Change from security patch (see 0.9.6e below) that did not affect
     the 0.9.6 release series:

     Remote buffer overflow in SSL3 protocol - an attacker could
     supply an oversized master key in Kerberos-enabled versions.
     (CVE-2002-0657; File 2, the 2005 copy, still reads CAN-2002-0657)
     [Ben Laurie (CHATS)]

  *) Change the SSL kerb5 codes to match RFC 2712.
     [Richard Levitte]

  *) Make -nameopt work fully for req and add -reqopt switch.
     [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]

  *) The "block size" for block ciphers in CFB and OFB mode should be 1.
     [Steve Henson, reported by Yngve Nysaeter Pettersen <yngve@opera.com>]

  *) Make sure tests can be performed even if the corresponding algorithms
     have been removed entirely.  This was also the last step to make
     OpenSSL compilable with DJGPP under all reasonable conditions.
     [Richard Levitte, Doug Kaufman <dkaufman@rahul.net>]

  *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
     to allow version independent disabling of normally unselected ciphers,
     which may be activated as a side-effect of selecting a single cipher.

     (E.g., cipher list string "RSA" enables ciphersuites that are left
     out of "ALL" because they do not provide symmetric encryption.
     "RSA:!COMPLEMENTOFALL" avoids these unsafe ciphersuites.)
     [Lutz Jaenicke, Bodo Moeller]

  *) Add appropriate support for separate platform-dependent build
     directories.  The recommended way to make a platform-dependent
     build directory is the following (tested on Linux), maybe with
     some local tweaks:

        # Place yourself outside of the OpenSSL source tree.  In
        # this example, the environment variable OPENSSL_SOURCE
        # is assumed to contain the absolute OpenSSL source directory.
        mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
        cd objtree/"`uname -s`-`uname -r`-`uname -m`"
        (cd $OPENSSL_SOURCE; find . -type f) | while read F; do
            mkdir -p `dirname $F`
            ln -s $OPENSSL_SOURCE/$F $F
        done

     To be absolutely sure not to disturb the source tree, a "make clean"
     is a good thing.  If it isn't successful, don't worry about it,
     it probably means the source directory is very clean.
     [Richard Levitte]

  *) Make sure any ENGINE control commands make local copies of string
     pointers passed to them whenever necessary. Otherwise it is possible
     the caller may have overwritten (or deallocated) the original string
     data when a later ENGINE operation tries to use the stored values.
     [Götz Babin-Ebell <babinebell@trustcenter.de>]

  *) Improve diagnostics in file reading and command-line digests.
     [Ben Laurie aided and abetted by Solar Designer <solar@openwall.com>]

  *) Add AES modes CFB and OFB to the object database.  Correct an
     error in AES-CFB decryption.
     [Richard Levitte]

  *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this
     allows existing EVP_CIPHER_CTX structures to be reused after
     calling EVP_*Final(). This behaviour is used by encryption
     BIOs and some applications. This has the side effect that
     applications must explicitly clean up cipher contexts with
     EVP_CIPHER_CTX_cleanup() or they will leak memory.
     [Steve Henson]

  *) Check the values of dna and dnb in bn_mul_recursive before calling
     bn_mul_comba (a non zero value means the a or b arrays do not contain
     n2 elements) and fallback to bn_mul_normal if either is not zero.
     [Steve Henson]

  *) Fix escaping of non-ASCII characters when using the -subj option
     of the "openssl req" command line tool. (Robert Joop <joop@fokus.gmd.de>)
     [Lutz Jaenicke]

  *) Make object definitions compliant to LDAP (RFC2256): SN is the short
     form for "surname", serialNumber has no short form.
     Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
     therefore remove "mail" short name for "internet 7".
     The OID for unique identifiers in X509 certificates is
     x500UniqueIdentifier, not uniqueIdentifier.
     Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>)
     [Lutz Jaenicke]

  *) Add an "init" command to the ENGINE config module and auto initialize
     ENGINEs. Without any "init" command the ENGINE will be initialized
     after all ctrl commands have been executed on it. If init=1 the
     ENGINE is initialized at that point (ctrls before that point are run
     on the uninitialized ENGINE and after on the initialized one). If
     init=0 then the ENGINE will not be initialized at all.
     [Steve Henson]

  *) Fix the 'app_verify_callback' interface so that the user-defined
     argument is actually passed to the callback: In the
     SSL_CTX_set_cert_verify_callback() prototype, the callback
     declaration has been changed from
          int (*cb)()
     into
          int (*cb)(X509_STORE_CTX *,void *);
     in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
          i=s->ctx->app_verify_callback(&ctx)
     has been changed into
          i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).

     To update applications using SSL_CTX_set_cert_verify_callback(),
     a dummy argument can be added to their callback functions.
     [D. K. Smetters <smetters@parc.xerox.com>]

  *) Added the '4758cca' ENGINE to support IBM 4758 cards.
     [Maurice Gittens <maurice@gittens.nl>, touchups by Geoff Thorpe]

  *) Add an OPENSSL_LOAD_CONF define which will cause
     OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
     This allows older applications to transparently support certain
| 4350 | OpenS SL feature s: such as crypto ac celeration and dynam ic ENGINE loading. | 1448 | OpenS SL feature s: such as crypto ac celeration and dynam ic ENGINE loading. | |||
| 4351 | Two n ew functio ns OPENSSL _add_all_a lgorithms_ noconf() w hich will never | 1449 | Two n ew functio ns OPENSSL _add_all_a lgorithms_ noconf() w hich will never | |||
| 4352 | load the config file and OPENSSL_ad d_all_algo rithms_con f() which will | 1450 | load the config file and OPENSSL_ad d_all_algo rithms_con f() which will | |||
| 4353 | alway s load it have also been added . | 1451 | alway s load it have also been added . | |||
| 4354 | [Stev e Henson] | 1452 | [Stev e Henson] | |||
| 4355 | 1453 | |||||
| 4356 | *) Add t he OFB, CF B and CTR (all with 128 bit fe edback) to AES. | 1454 | *) Add t he OFB, CF B and CTR (all with 128 bit fe edback) to AES. | |||
| 4357 | Adjus t NIDs and EVP layer . | 1455 | Adjus t NIDs and EVP layer . | |||
| 4358 | [Step hen Sprunk <stephen@ sprunk.org > and Rich ard Levitt e] | 1456 | [Step hen Sprunk <stephen@ sprunk.org > and Rich ard Levitt e] | |||
| 4359 | 1457 | |||||
| 4360 | *) Confi g modules support in openssl u tility. | 1458 | *) Confi g modules support in openssl u tility. | |||
| 4361 | 1459 | |||||
| 4362 | Most commands n ow load mo dules from the confi g file, | 1460 | Most commands n ow load mo dules from the confi g file, | |||
| 4363 | thoug h in a few (such as version) t his isn't done | 1461 | thoug h in a few (such as version) t his isn't done | |||
| 4364 | becau se it coul dn't be us ed for any thing. | 1462 | becau se it coul dn't be us ed for any thing. | |||
| 4365 | 1463 | |||||
| 4366 | In th e case of ca and req the confi g file use d is | 1464 | In th e case of ca and req the confi g file use d is | |||
| 4367 | the s ame as the utility i tself: tha t is the - config | 1465 | the s ame as the utility i tself: tha t is the - config | |||
| 4368 | comma nd line op tion can b e used to specify an | 1466 | comma nd line op tion can b e used to specify an | |||
| 4369 | alter native fil e. | 1467 | alter native fil e. | |||
| 4370 | [Stev e Henson] | 1468 | [Stev e Henson] | |||
| 4371 | 1469 | |||||
| 4372 | *) Move default be haviour fr om OPENSSL _config(). If appnam e is NULL | 1470 | *) Move default be haviour fr om OPENSSL _config(). If appnam e is NULL | |||
| 4373 | use " openssl_co nf" if fil ename is N ULL use de fault open ssl config file. | 1471 | use " openssl_co nf" if fil ename is N ULL use de fault open ssl config file. | |||
| 4374 | [Stev e Henson] | 1472 | [Stev e Henson] | |||
| 4375 | 1473 | |||||
| 4376 | *) Add a n argument to OPENSS L_config() to allow the use of an altern ative | 1474 | *) Add a n argument to OPENSS L_config() to allow the use of an altern ative | |||
| 4377 | confi g section name. Add a new flag to tolera te a missi ng config file | 1475 | confi g section name. Add a new flag to tolera te a missi ng config file | |||
| 4378 | and m ove code t o CONF_mod ules_load_ file(). | 1476 | and m ove code t o CONF_mod ules_load_ file(). | |||
| 4379 | [Stev e Henson] | 1477 | [Stev e Henson] | |||
| 4380 | 1478 | |||||
| 4381 | *) Suppo rt for cry pto accele rator card s from Acc elerated E ncryption | 1479 | *) Suppo rt for cry pto accele rator card s from Acc elerated E ncryption | |||
| 4382 | Proce ssing, www .aep.ie. (Use engin e 'aep') | 1480 | Proce ssing, www .aep.ie. (Use engin e 'aep') | |||
| 4383 | The s upport was copied fr om 0.9.6c [engine] a nd adapted /corrected | 1481 | The s upport was copied fr om 0.9.6c [engine] a nd adapted /corrected | |||
| 4384 | to wo rk with th e new engi ne framewo rk. | 1482 | to wo rk with th e new engi ne framewo rk. | |||
| 4385 | [AEP Inc. and R ichard Lev itte] | 1483 | [AEP Inc. and R ichard Lev itte] | |||
| 4386 | 1484 | |||||
| 4387 | *) Suppo rt for Sur eWare cryp to acceler ator cards from Balt imore | 1485 | *) Suppo rt for Sur eWare cryp to acceler ator cards from Balt imore | |||
| 4388 | Techn ologies. (Use engin e 'surewar e') | 1486 | Techn ologies. (Use engin e 'surewar e') | |||
| 4389 | The s upport was copied fr om 0.9.6c [engine] a nd adapted | 1487 | The s upport was copied fr om 0.9.6c [engine] a nd adapted | |||
| 4390 | to wo rk with th e new engi ne framewo rk. | 1488 | to wo rk with th e new engi ne framewo rk. | |||
| 4391 | [Rich ard Levitt e] | 1489 | [Rich ard Levitt e] | |||
| 4392 | 1490 | |||||
| 4393 | *) Have the CHIL e ngine fork -safe (as defined by nCipher) and actual ly | 1491 | *) Have the CHIL e ngine fork -safe (as defined by nCipher) and actual ly | |||
| 4394 | make the newer ENGINE fra mework com mands for the CHIL e ngine work . | 1492 | make the newer ENGINE fra mework com mands for the CHIL e ngine work . | |||
| 4395 | [Toom as Kiisk < vix@cyber. ee> and Ri chard Levi tte] | 1493 | [Toom as Kiisk < vix@cyber. ee> and Ri chard Levi tte] | |||
| 4396 | 1494 | |||||
| 4397 | *) Make it possibl e to produ ce shared libraries on Reliant UNIX. | 1495 | *) Make it possibl e to produ ce shared libraries on Reliant UNIX. | |||
| 4398 | [Robe rt Dahlem <Robert.Da hlem@ffm2. siemens.de > via Rich ard Levitt e] | 1496 | [Robe rt Dahlem <Robert.Da hlem@ffm2. siemens.de > via Rich ard Levitt e] | |||
| 4399 | 1497 | |||||
| 4400 | *) Add t he configu ration tar get debug- linux-ppro . | 1498 | *) Add t he configu ration tar get debug- linux-ppro . | |||
| 4401 | Make 'openssl r sa' use th e general key loadin g routines | 1499 | Make 'openssl r sa' use th e general key loadin g routines | |||
| 4402 | imple mented in apps.c, an d make tho se routine s able to | 1500 | imple mented in apps.c, an d make tho se routine s able to | |||
| 4403 | handl e the key format FOR MAT_NETSCA PE and the variant | 1501 | handl e the key format FOR MAT_NETSCA PE and the variant | |||
| 4404 | FORMA T_IISSGC. | 1502 | FORMA T_IISSGC. | |||
| 4405 | [Toom as Kiisk < vix@cyber. ee> via Ri chard Levi tte] | 1503 | [Toom as Kiisk < vix@cyber. ee> via Ri chard Levi tte] | |||
| 4406 | 1504 | |||||
| 4407 | *) Fix a crashbug a nd a logic bug in hw crhk_load_ pubkey(). | 1505 | *) Fix a crashbug a nd a logic bug in hw crhk_load_ pubkey(). | |||
| 4408 | [Toom as Kiisk < vix@cyber. ee> via Ri chard Levi tte] | 1506 | [Toom as Kiisk < vix@cyber. ee> via Ri chard Levi tte] | |||
| 4409 | 1507 | |||||
| 4410 | *) Add - keyform to rsautl, a nd documen t -engine. | 1508 | *) Add - keyform to rsautl, a nd documen t -engine. | |||
| 4411 | [Rich ard Levitt e, inspire d by Tooma s Kiisk <v ix@cyber.e e>] | 1509 | [Rich ard Levitt e, inspire d by Tooma s Kiisk <v ix@cyber.e e>] | |||
| 4412 | 1510 | |||||
| 4413 | *) Chang e BIO_new_ file (cryp to/bio/bss _file.c) t o use new | 1511 | *) Chang e BIO_new_ file (cryp to/bio/bss _file.c) t o use new | |||
| 4414 | BIO_R _NO_SUCH_F ILE error code rathe r than the generic | 1512 | BIO_R _NO_SUCH_F ILE error code rathe r than the generic | |||
| 4415 | ERR_R _SYS_LIB e rror code if fopen() fails wit h ENOENT. | 1513 | ERR_R _SYS_LIB e rror code if fopen() fails wit h ENOENT. | |||
| 4416 | [Ben Laurie] | 1514 | [Ben Laurie] | |||
| 4417 | 1515 | |||||
| 4418 | *) Add n ew functio ns | 1516 | *) Add n ew functio ns | |||
| 4419 | ERR_peek_l ast_error | 1517 | ERR_peek_l ast_error | |||
| 4420 | ERR_peek_l ast_error_ line | 1518 | ERR_peek_l ast_error_ line | |||
| 4421 | ERR_peek_l ast_error_ line_data. | 1519 | ERR_peek_l ast_error_ line_data. | |||
| 4422 | These are simil ar to | 1520 | These are simil ar to | |||
| 4423 | ERR_peek_e rror | 1521 | ERR_peek_e rror | |||
| 4424 | ERR_peek_e rror_line | 1522 | ERR_peek_e rror_line | |||
| 4425 | ERR_peek_e rror_line_ data, | 1523 | ERR_peek_e rror_line_ data, | |||
| 4426 | but r eport on t he latest error reco rded rathe r than the first one | 1524 | but r eport on t he latest error reco rded rathe r than the first one | |||
| 4427 | still in the er ror queue. | 1525 | still in the er ror queue. | |||
| 4428 | [Ben Laurie, Bo do Moeller ] | 1526 | [Ben Laurie, Bo do Moeller ] | |||
| 4429 | 1527 | |||||
| 4430 | *) defau lt_algorit hms option in ENGINE config mo dule. This allows th ings | 1528 | *) defau lt_algorit hms option in ENGINE config mo dule. This allows th ings | |||
| 4431 | like: | 1529 | like: | |||
| 4432 | defau lt_algorit hms = ALL | 1530 | defau lt_algorit hms = ALL | |||
| 4433 | defau lt_algorit hms = RSA, DSA, RAND , CIPHERS, DIGESTS | 1531 | defau lt_algorit hms = RSA, DSA, RAND , CIPHERS, DIGESTS | |||
| 4434 | [Stev e Henson] | 1532 | [Stev e Henson] | |||
| 4435 | 1533 | |||||
| 4436 | *) Prelm inary ENGI NE config module. | 1534 | *) Prelm inary ENGI NE config module. | |||
| 4437 | [Stev e Henson] | 1535 | [Stev e Henson] | |||
| 4438 | 1536 | |||||
| 4439 | *) New e xperimenta l applicat ion config uration co de. | 1537 | *) New e xperimenta l applicat ion config uration co de. | |||
| 4440 | [Stev e Henson] | 1538 | [Stev e Henson] | |||
| 4441 | 1539 | |||||
| 4442 | *) Chang e the AES code to fo llow the s ame name s tructure a s all othe r | 1540 | *) Chang e the AES code to fo llow the s ame name s tructure a s all othe r | |||
| 4443 | symme tric ciphe rs, and be have the s ame way. Move every thing to | 1541 | symme tric ciphe rs, and be have the s ame way. Move every thing to | |||
| 4444 | the d irectory c rypto/aes, thereby o bsoleting crypto/rij ndael. | 1542 | the d irectory c rypto/aes, thereby o bsoleting crypto/rij ndael. | |||
| 4445 | [Step hen Sprunk <stephen@ sprunk.org > and Rich ard Levitt e] | 1543 | [Step hen Sprunk <stephen@ sprunk.org > and Rich ard Levitt e] | |||
| 4446 | 1544 | |||||
| 4447 | *) SECUR ITY: remov e unsafe s etjmp/sign al interac tion from ui_openssl .c. | 1545 | *) SECUR ITY: remov e unsafe s etjmp/sign al interac tion from ui_openssl .c. | |||
| 4448 | [Ben Laurie and Theo de R aadt] | 1546 | [Ben Laurie and Theo de R aadt] | |||
| 4449 | 1547 | |||||
| 4450 | *) Add o ption to o utput publ ic keys in req comma nd. | 1548 | *) Add o ption to o utput publ ic keys in req comma nd. | |||
| 4451 | [Mass imiliano P ala madwol f@openca.o rg] | 1549 | [Mass imiliano P ala madwol f@openca.o rg] | |||
| 4452 | 1550 | |||||
| 4453 | *) Use w NAFs in EC _POINTs_mu l() for im proved eff iciency | 1551 | *) Use w NAFs in EC _POINTs_mu l() for im proved eff iciency | |||
| 4454 | (up t o about 10 % better t han before for P-192 and P-224 ). | 1552 | (up t o about 10 % better t han before for P-192 and P-224 ). | |||
| 4455 | [Bodo Moeller] | 1553 | [Bodo Moeller] | |||
| 4456 | 1554 | |||||
| 4457 | *) New f unctions/m acros | 1555 | *) New f unctions/m acros | |||
| 4458 | 1556 | |||||
| 4459 | SSL_CTX_se t_msg_call back(ctx, cb) | 1557 | SSL_CTX_se t_msg_call back(ctx, cb) | |||
| 4460 | SSL_CTX_se t_msg_call back_arg(c tx, arg) | 1558 | SSL_CTX_se t_msg_call back_arg(c tx, arg) | |||
| 4461 | SSL_set_ms g_callback (ssl, cb) | 1559 | SSL_set_ms g_callback (ssl, cb) | |||
| 4462 | SSL_set_ms g_callback _arg(ssl, arg) | 1560 | SSL_set_ms g_callback _arg(ssl, arg) | |||
| 4463 | 1561 | |||||
| 4464 | to re quest call ing a call back funct ion | 1562 | to re quest call ing a call back funct ion | |||
| 4465 | 1563 | |||||
| 4466 | void cb(in t write_p, int versi on, int co ntent_type , | 1564 | void cb(in t write_p, int versi on, int co ntent_type , | |||
| 4467 | co nst void * buf, size_ t len, SSL *ssl, voi d *arg) | 1565 | co nst void * buf, size_ t len, SSL *ssl, voi d *arg) | |||
| 4468 | 1566 | |||||
| 4469 | whene ver a prot ocol messa ge has bee n complete ly receive d | 1567 | whene ver a prot ocol messa ge has bee n complete ly receive d | |||
| 4470 | (writ e_p == 0) or sent (w rite_p == 1). Here 'version' is the | 1568 | (writ e_p == 0) or sent (w rite_p == 1). Here 'version' is the | |||
| 4471 | proto col versio n accordi ng to whic h the SSL library in terprets | 1569 | proto col versio n accordi ng to whic h the SSL library in terprets | |||
| 4472 | the c urrent pro tocol mess age (SSL2_ VERSION, S SL3_VERSIO N, or | 1570 | the c urrent pro tocol mess age (SSL2_ VERSION, S SL3_VERSIO N, or | |||
| 4473 | TLS1_ VERSION). 'content_ type' is 0 in the ca se of SSL 2.0, or | 1571 | TLS1_ VERSION). 'content_ type' is 0 in the ca se of SSL 2.0, or | |||
| 4474 | the c ontent typ e as defin ed in the SSL 3.0/TL S 1.0 prot ocol | 1572 | the c ontent typ e as defin ed in the SSL 3.0/TL S 1.0 prot ocol | |||
| 4475 | speci fication ( change_cip her_spec(2 0), alert( 21), hands hake(22)). | 1573 | speci fication ( change_cip her_spec(2 0), alert( 21), hands hake(22)). | |||
| 4476 | 'buf' and 'len' point to the actual message, 'ssl' to t he | 1574 | 'buf' and 'len' point to the actual message, 'ssl' to t he | |||
| 4477 | SSL o bject, and 'arg' is the applic ation-defi ned value set by | 1575 | SSL o bject, and 'arg' is the applic ation-defi ned value set by | |||
| 4478 | SSL[_ CTX]_set_m sg_callbac k_arg(). | 1576 | SSL[_ CTX]_set_m sg_callbac k_arg(). | |||
| 4479 | 1577 | |||||
| 4480 | 'open ssl s_clie nt' and 'o penssl s_s erver' hav e new '-ms g' options | 1578 | 'open ssl s_clie nt' and 'o penssl s_s erver' hav e new '-ms g' options | |||
| 4481 | to en able a cal lback that displays all protoc ol message s. | 1579 | to en able a cal lback that displays all protoc ol message s. | |||
| 4482 | [Bodo Moeller] | 1580 | [Bodo Moeller] | |||
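
     A callback of the shape this entry describes, as an added example that is not OpenSSL's own code: it uses 'content_type' and the first bytes of 'buf' to count handshake messages and fatal alerts, the kind of monitoring hook a '-msg' style display builds on. The #defines mirroring OpenSSL's header values, the msg_stats structure and the constructed sample messages are assumptions so the file builds and runs without OpenSSL installed.

```c
/* Added example, not code from OpenSSL's CHANGES or source tree. Assumption:
 * the #defines mirror OpenSSL's values so this builds without OpenSSL headers;
 * with the library you would #include <openssl/ssl.h> and register the callback
 * via SSL_CTX_set_msg_callback()/SSL_CTX_set_msg_callback_arg() instead. */
#include <stdio.h>
#include <string.h>

#define SSL2_VERSION 0x0002             /* as in OpenSSL's ssl.h */
#define SSL3_VERSION 0x0300
#define TLS1_VERSION 0x0301
#define CT_CHANGE_CIPHER_SPEC 20        /* SSL 3.0/TLS 1.0 content types */
#define CT_ALERT              21
#define CT_HANDSHAKE          22

typedef struct ssl_st SSL;              /* opaque, like OpenSSL's forward declaration */

/* Application state passed through 'arg'. */
struct msg_stats {
    unsigned handshakes_sent, handshakes_recv, alerts, fatal_alerts;
    int last_version;                   /* 'version' of the last message seen */
    char last[80];                      /* one-line description of it */
};

static const char *handshake_name(unsigned char t)
{
    switch (t) {                        /* HandshakeType values, TLS 1.0 spec */
    case 0:  return "hello_request";
    case 1:  return "client_hello";
    case 2:  return "server_hello";
    case 11: return "certificate";
    case 12: return "server_key_exchange";
    case 13: return "certificate_request";
    case 14: return "server_hello_done";
    case 15: return "certificate_verify";
    case 16: return "client_key_exchange";
    case 20: return "finished";
    default: return "unknown";
    }
}

/* The callback: classify each completed protocol message and count it. */
void msg_cb(int write_p, int version, int content_type,
            const void *buf, size_t len, SSL *ssl, void *arg)
{
    struct msg_stats *st = arg;
    const unsigned char *p = buf;
    const char *dir = write_p ? "sent" : "received";
    (void)ssl;
    st->last_version = version;
    if (content_type == 0) {            /* SSL 2.0: no record-layer content type */
        snprintf(st->last, sizeof st->last, "%s SSL2 message, %zu bytes", dir, len);
        return;
    }
    switch (content_type) {
    case CT_HANDSHAKE:                  /* 'buf' is the whole Handshake struct; byte 0 is msg_type */
        if (write_p) st->handshakes_sent++; else st->handshakes_recv++;
        snprintf(st->last, sizeof st->last, "%s handshake %s", dir,
                 len > 0 ? handshake_name(p[0]) : "(empty)");
        break;
    case CT_ALERT:                      /* body: level (1 warning, 2 fatal), description */
        st->alerts++;
        if (len >= 2 && p[0] == 2) st->fatal_alerts++;
        snprintf(st->last, sizeof st->last, "%s alert level=%u desc=%u", dir,
                 len >= 2 ? p[0] : 0u, len >= 2 ? p[1] : 0u);
        break;
    case CT_CHANGE_CIPHER_SPEC:
        snprintf(st->last, sizeof st->last, "%s change_cipher_spec", dir);
        break;
    default:
        snprintf(st->last, sizeof st->last, "%s content_type %d, %zu bytes", dir,
                 content_type, len);
    }
}

static struct msg_stats demo_stats;
/* Drive msg_cb with constructed messages (no network, no OpenSSL); returns the
 * number delivered, demo_result() exposes the counters for inspection. */
int run_demo(void)
{
    /* constructed samples: handshake headers with bodies omitted, a one-byte
     * ChangeCipherSpec, and a fatal(2) handshake_failure(40) alert */
    static const unsigned char client_hello[] = {1, 0, 0, 0};
    static const unsigned char server_hello[] = {2, 0, 0, 0};
    static const unsigned char ccs[] = {1};
    static const unsigned char fatal_alert[] = {2, 40};

    memset(&demo_stats, 0, sizeof demo_stats);
    msg_cb(1, TLS1_VERSION, CT_HANDSHAKE, client_hello, sizeof client_hello, NULL, &demo_stats);
    msg_cb(0, TLS1_VERSION, CT_HANDSHAKE, server_hello, sizeof server_hello, NULL, &demo_stats);
    msg_cb(1, TLS1_VERSION, CT_CHANGE_CIPHER_SPEC, ccs, sizeof ccs, NULL, &demo_stats);
    msg_cb(0, TLS1_VERSION, CT_ALERT, fatal_alert, sizeof fatal_alert, NULL, &demo_stats);
    return 4;
}

const struct msg_stats *demo_result(void) { return &demo_stats; }
int main(void)
{
    run_demo();
    printf("sent=%u recv=%u alerts=%u fatal=%u, last: %s\n", demo_stats.handshakes_sent,
           demo_stats.handshakes_recv, demo_stats.alerts, demo_stats.fatal_alerts, demo_stats.last);
    return 0;
}
```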

  *) Change the shared library support so shared libraries are built as
     soon as the corresponding static library is finished, and thereby get
     openssl and the test programs linked against the shared library.
     This still only happens when the keyword "shared" has been given to
     the configuration scripts.

     NOTE: shared library support is still an experimental thing, and
     backward binary compatibility is still not guaranteed.
     ["Maciej W. Rozycki" <macro@ds2.pg.gda.pl> and Richard Levitte]

  *) Add support for Subject Information Access extension.
     [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]

  *) Make BUF_MEM_grow() behaviour more consistent: Initialise to zero
     additional bytes when new memory had to be allocated, not just
     when reusing an existing buffer.
     [Bodo Moeller]

  *) New command line and configuration option 'utf8' for the req command.
     This allows field values to be specified as UTF8 strings.
     [Steve Henson]

  *) Add -multi and -mr options to "openssl speed" - giving multiple parallel
     runs for the former and machine-readable output for the latter.
     [Ben Laurie]

  *) Add '-noemailDN' option to 'openssl ca'. This prevents inclusion
     of the e-mail address in the DN (i.e., it will go into a certificate
     extension only). The new configuration file option 'email_in_dn = no'
     has the same effect.
     [Massimiliano Pala madwolf@openca.org]

  *) Change all functions with names starting with des_ to be starting
     with DES_ instead. Add wrappers that are compatible with libdes,
     but are named _ossl_old_des_*. Finally, add macros that map the
     des_* symbols to the corresponding _ossl_old_des_* if libdes
     compatibility is desired. If OpenSSL 0.9.6c compatibility is
     desired, the des_* symbols will be mapped to DES_*, with one
     exception.

     Since we provide two compatibility mappings, the user needs to
     define the macro OPENSSL_DES_LIBDES_COMPATIBILITY if libdes
     compatibility is desired. The default (i.e., when that macro
     isn't defined) is OpenSSL 0.9.6c compatibility.

     There are also macros that enable and disable the support of old
     des functions altogether. Those are OPENSSL_ENABLE_OLD_DES_SUPPORT
     and OPENSSL_DISABLE_OLD_DES_SUPPORT. If none or both of those
     are defined, the default will apply: to support the old des routines.

     In either case, one must include openssl/des.h to get the correct
     definitions. Do not try to just include openssl/des_old.h, that
     won't work.

     NOTE: This is a major break of an old API into a new one. Software
     authors are encouraged to switch to the DES_ style functions. Some
     time in the future, des_old.h and the libdes compatibility functions
     will be disabled (i.e. OPENSSL_DISABLE_OLD_DES_SUPPORT will be the
     default), and then completely removed.
     [Richard Levitte]

  *) Test for certificates which contain unsupported critical extensions.
     If such a certificate is found during a verify operation it is
     rejected by default: this behaviour can be overridden by either
     handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or
     by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function
     X509_supported_extension() has also been added which returns 1 if a
     particular extension is supported.
     [Steve Henson]

  *) Modify the behaviour of EVP cipher functions in similar way to digests
     to retain compatibility with existing code.
     [Steve Henson]

  *) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain
     compatibility with existing code. In particular the 'ctx' parameter does
     not have to be initialized before the call to EVP_DigestInit() and
     it is tidied up after a call to EVP_DigestFinal(). New function
     EVP_DigestFinal_ex() which does not tidy up the ctx. Similarly function
     EVP_MD_CTX_copy() changed to not require the destination to be
     initialized and valid, and new function EVP_MD_CTX_copy_ex() added which
     requires the destination to be valid.

     Modify all the OpenSSL digest calls to use EVP_DigestInit_ex(),
     EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex().
     [Steve Henson]

  *) Change ssl3_get_message (ssl/s3_both.c) and the functions using it
     so that complete 'Handshake' protocol structures are kept in memory
     instead of overwriting 'msg_type' and 'length' with 'body' data.
     [Bodo Moeller]

  *) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32.
     [Massimo Santin via Richard Levitte]

  *) Major restructuring to the underlying ENGINE code. This includes
     reduction of linker bloat, separation of pure "ENGINE" manipulation
     (initialisation, etc) from functionality dealing with implementations
     of specific crypto interfaces. This change also introduces integrated
     support for symmetric ciphers and digest implementations - so ENGINEs
     can now accelerate these by providing EVP_CIPHER and EVP_MD
     implementations of their own. This is detailed in crypto/engine/README
     as it couldn't be adequately described here. However, there are a few
     API changes worth noting - some RSA, DSA, DH, and RAND functions that
     were changed in the original introduction of ENGINE code have now
     reverted back - the hooking from this code to ENGINE is now a good
     deal more passive and at run-time, operations deal directly with
     RSA_METHODs, DSA_METHODs (etc) as they did before, rather than
     dereferencing through an ENGINE pointer any more. Also, the ENGINE
     functions dealing with BN_MOD_EXP[_CRT] handlers have been removed -
     they were not being used by the framework as there is no concept of a
     BIGNUM_METHOD and they could not be generalised to the new
     'ENGINE_TABLE' mechanism that underlies the new code. Similarly,
     ENGINE_cpy() has been removed as it cannot be consistently defined in
     the new code.
     [Geoff Thorpe]

  *) Change ASN1_GENERALIZEDTIME_check() to allow fractional seconds.
     [Steve Henson]

  *) Change mkdef.pl to sort symbols that get the same entry number,
     and make sure the automatically generated functions ERR_load_*
     become part of libeay.num as well.
     [Richard Levitte]

  *) New function SSL_renegotiate_pending(). This returns true once
     renegotiation has been requested (either SSL_renegotiate() call
     or HelloRequest/ClientHello received from the peer) and becomes
     false once a handshake has been completed.
     (For servers, SSL_renegotiate() followed by SSL_do_handshake()
     sends a HelloRequest, but does not ensure that a handshake takes
     place. SSL_renegotiate_pending() is useful for checking if the
     client has followed the request.)
     [Bodo Moeller]

  *) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
     By default, clients may request session resumption even during
     renegotiation (if session ID contexts permit); with this option,
     session resumption is possible only in the first handshake.

     SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL. This makes
     more bits available for options that should not be part of
     SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
     [Bodo Moeller]

  *) Add some demos for certificate and certificate request creation.
     [Steve Henson]

  *) Make maximum certificate chain size accepted from the peer application
     settable (SSL*_get/set_max_cert_list()), as proposed by
     "Douglas E. Engert" <deengert@anl.gov>.
     [Lutz Jaenicke]
| 4636 | 1734 | |||||
| 4637 | *) Add s upport for shared li braries fo r Unixware -7 | 1735 | *) Add s upport for shared li braries fo r Unixware -7 | |||
| 4638 | (Boyd Lynn Gerb er <gerber b@zenez.co m>). | 1736 | (Boyd Lynn Gerb er <gerber b@zenez.co m>). | |||
| 4639 | [Lutz Jaenicke] | 1737 | [Lutz Jaenicke] | |||
| 4640 | 1738 | |||||
| 4641 | *) Add a "destroy" handler t o ENGINEs that allow s structur al cleanup to | 1739 | *) Add a "destroy" handler t o ENGINEs that allow s structur al cleanup to | |||
| 4642 | be do ne prior t o destruct ion. Use t his to unl oad error strings fr om | 1740 | be do ne prior t o destruct ion. Use t his to unl oad error strings fr om | |||
| 4643 | ENGIN Es that lo ad their o wn error s trings. NB : This add s two new API | 1741 | ENGIN Es that lo ad their o wn error s trings. NB : This add s two new API | |||
| 4644 | funct ions to "g et" and "s et" this d estroy han dler in an ENGINE. | 1742 | funct ions to "g et" and "s et" this d estroy han dler in an ENGINE. | |||
| 4645 | [Geof f Thorpe] | 1743 | [Geof f Thorpe] | |||
| 4646 | 1744 | |||||
| 4647 | *) Alter all exist ing ENGINE implement ations (ex cept "open ssl" and | 1745 | *) Alter all exist ing ENGINE implement ations (ex cept "open ssl" and | |||
| 4648 | "open bsd") to d ynamically instantia te their o wn error s trings. Th is | 1746 | "open bsd") to d ynamically instantia te their o wn error s trings. Th is | |||
| 4649 | makes them more flexible to be buil t both as statically -linked EN GINEs | 1747 | makes them more flexible to be buil t both as statically -linked EN GINEs | |||
| 4650 | and s elf-contai ned shared -libraries loadable via the "d ynamic" EN GINE. | 1748 | and s elf-contai ned shared -libraries loadable via the "d ynamic" EN GINE. | |||
| 4651 | Also, add stub code to ea ch that ma kes buildi ng them as self-cont ained | 1749 | Also, add stub code to ea ch that ma kes buildi ng them as self-cont ained | |||
| 4652 | share d-librarie s easier ( see README .ENGINE). | 1750 | share d-librarie s easier ( see README .ENGINE). | |||
| 4653 | [Geof f Thorpe] | 1751 | [Geof f Thorpe] | |||
| 4654 | 1752 | |||||
| 4655 | *) Add a "dynamic" ENGINE th at provide s a mechan ism for bi nding ENGI NE | 1753 | *) Add a "dynamic" ENGINE th at provide s a mechan ism for bi nding ENGI NE | |||
| 4656 | imple mentations into appl ications t hat are co mpletely i mplemented in | 1754 | imple mentations into appl ications t hat are co mpletely i mplemented in | |||
| 4657 | self- contained shared-lib raries. Th e "dynamic " ENGINE e xposes con trol | 1755 | self- contained shared-lib raries. Th e "dynamic " ENGINE e xposes con trol | |||
| 4658 | comma nds that c an be used to config ure what s hared-libr ary to loa d and | 1756 | comma nds that c an be used to config ure what s hared-libr ary to loa d and | |||
| 4659 | to co ntrol aspe cts of the way it is handled. Also, made an update to | 1757 | to co ntrol aspe cts of the way it is handled. Also, made an update to | |||
| 4660 | the R EADME.ENGI NE file th at brings its inform ation up-t o-date and | 1758 | the R EADME.ENGI NE file th at brings its inform ation up-t o-date and | |||
| 4661 | provi des some i nformation and instr uctions on the "dyna mic" ENGIN E | 1759 | provi des some i nformation and instr uctions on the "dyna mic" ENGIN E | |||
| 4662 | (ie. how to use it, how t o build "d ynamic"-lo adable ENG INEs, etc) . | 1760 | (ie. how to use it, how t o build "d ynamic"-lo adable ENG INEs, etc) . | |||
| 4663 | [Geof f Thorpe] | 1761 | [Geof f Thorpe] | |||
| 4664 | 1762 | |||||
| 4665 | *) Make it possibl e to unloa d ranges o f ERR stri ngs with a new | 1763 | *) Make it possibl e to unloa d ranges o f ERR stri ngs with a new | |||
| 4666 | "ERR_ unload_str ings" func tion. | 1764 | "ERR_ unload_str ings" func tion. | |||
| 4667 | [Geof f Thorpe] | 1765 | [Geof f Thorpe] | |||
| 4668 | 1766 | |||||
| 4669 | *) Add a copy() fu nction to EVP_MD. | 1767 | *) Add a copy() fu nction to EVP_MD. | |||
| 4670 | [Ben Laurie] | 1768 | [Ben Laurie] | |||
| 4671 | 1769 | |||||
| 4672 | *) Make EVP_MD rou tines take a context pointer i nstead of just the | 1770 | *) Make EVP_MD rou tines take a context pointer i nstead of just the | |||
| 4673 | md_da ta void po inter. | 1771 | md_da ta void po inter. | |||
| 4674 | [Ben Laurie] | 1772 | [Ben Laurie] | |||
| 4675 | 1773 | |||||
| 4676 | *) Add f lags to EV P_MD and E VP_MD_CTX. EVP_MD_FL AG_ONESHOT indicates | 1774 | *) Add f lags to EV P_MD and E VP_MD_CTX. EVP_MD_FL AG_ONESHOT indicates | |||
| 4677 | that the digest can only process a single chu nk of data | 1775 | that the digest can only process a single chu nk of data | |||
| 4678 | (typi cally beca use it is provided b y a piece of | 1776 | (typi cally beca use it is provided b y a piece of | |||
| 4679 | hardw are). EVP_ MD_CTX_FLA G_ONESHOT indicates that the a pplication | 1777 | hardw are). EVP_ MD_CTX_FLA G_ONESHOT indicates that the a pplication | |||
| 4680 | is on ly going t o provide a single c hunk of da ta, and he nce the | 1778 | is on ly going t o provide a single c hunk of da ta, and he nce the | |||
| 4681 | frame work needn 't accumul ate the da ta for one shot drive rs. | 1779 | frame work needn 't accumul ate the da ta for one shot drive rs. | |||
| 4682 | [Ben Laurie] | 1780 | [Ben Laurie] | |||
| 4683 | 1781 | |||||
| 4684 | *) As wi th "ERR", make it po ssible to replace th e underlyi ng "ex_dat a" | 1782 | *) As wi th "ERR", make it po ssible to replace th e underlyi ng "ex_dat a" | |||
| 4685 | funct ions. This change al so alters the storag e and mana gement of global | 1783 | funct ions. This change al so alters the storag e and mana gement of global | |||
| 4686 | ex_da ta state - it's now all inside ex_data.c and all " class" cod e (eg. | 1784 | ex_da ta state - it's now all inside ex_data.c and all " class" cod e (eg. | |||
| 4687 | RSA, BIO, SSL_C TX, etc) n o longer s tores its own STACKS and per-c lass | 1785 | RSA, BIO, SSL_C TX, etc) n o longer s tores its own STACKS and per-c lass | |||
| 4688 | index counters. The API f unctions t hat use th is state h ave been c hanged | 1786 | index counters. The API f unctions t hat use th is state h ave been c hanged | |||
| 4689 | to ta ke a "clas s_index" r ather than pointers to the cla ss's local STACK | 1787 | to ta ke a "clas s_index" r ather than pointers to the cla ss's local STACK | |||
| 4690 | and c ounter, an d there is now an AP I function to dynami cally crea te new | 1788 | and c ounter, an d there is now an AP I function to dynami cally crea te new | |||
| 4691 | class es. This c entralisat ion allows us to (a) plug a lo t of the | 1789 | class es. This c entralisat ion allows us to (a) plug a lo t of the | |||
| 4692 | threa d-safety p roblems th at existed , and (b) makes it p ossible to clean | 1790 | threa d-safety p roblems th at existed , and (b) makes it p ossible to clean | |||
| 4693 | up al l allocate d state us ing "CRYPT O_cleanup_ all_ex_dat a()". W.r. t. (b) | 1791 | up al l allocate d state us ing "CRYPT O_cleanup_ all_ex_dat a()". W.r. t. (b) | |||
| 4694 | such data would previousl y have alw ays leaked in applic ation code and | 1792 | such data would previousl y have alw ays leaked in applic ation code and | |||
| 4695 | worka rounds wer e in place to make t he memory debugging turn a bli nd eye | 1793 | worka rounds wer e in place to make t he memory debugging turn a bli nd eye | |||
| 4696 | to it . Applicat ion code t hat doesn' t use this new funct ion will s till | 1794 | to it . Applicat ion code t hat doesn' t use this new funct ion will s till | |||
| 4697 | leak as before, but their memory de bugging ou tput will announce i t now | 1795 | leak as before, but their memory de bugging ou tput will announce i t now | |||
| 4698 | rathe r than let ting it sl ide. | 1796 | rathe r than let ting it sl ide. | |||
| 4699 | 1797 | |||||
| 4700 | Besid es the add ition of C RYPTO_clea nup_all_ex _data(), a nother API change | 1798 | Besid es the add ition of C RYPTO_clea nup_all_ex _data(), a nother API change | |||
| 4701 | induc ed by the "ex_data" overhaul i s that X50 9_STORE_CT X_init() n ow | 1799 | induc ed by the "ex_data" overhaul i s that X50 9_STORE_CT X_init() n ow | |||
| 4702 | has a return va lue to ind icate succ ess or fai lure. | 1800 | has a return va lue to ind icate succ ess or fai lure. | |||
| 4703 | [Geof f Thorpe] | 1801 | [Geof f Thorpe] | |||
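     The class-index design described in the entry above, as an added
     illustration that is not OpenSSL's ex_data.c: one central table owns
     every class's index counter and free callbacks, an object carries only
     its class index and data slots, and a single cleanup call releases the
     registry (the role CRYPTO_cleanup_all_ex_data() plays). The EXDATA_*
     names, the fixed table sizes and the demo data are assumptions of this
     example, not OpenSSL API.

```c
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#define EXDATA_MAX_CLASSES 8
#define EXDATA_MAX_INDEXES 8

typedef void (*exdata_free_fn)(void *parent, void *ptr, int idx);

/* All per-class bookkeeping lives here, not in RSA/BIO/SSL_CTX code. */
typedef struct {
    int            in_use;
    int            next_index;                  /* per-class index counter */
    exdata_free_fn free_fn[EXDATA_MAX_INDEXES]; /* registered with each index */
} exdata_class;

/* What an object carries instead of its own STACK of ex_data entries. */
typedef struct {
    int   class_index;
    void *slot[EXDATA_MAX_INDEXES];
} exdata;

static exdata_class g_classes[EXDATA_MAX_CLASSES];   /* the central state */
static int          g_num_classes;

/* Hypothetical API, modelled on the class_index-taking functions described. */
int EXDATA_new_class(void)
{
    if (g_num_classes >= EXDATA_MAX_CLASSES)
        return -1;
    int cls = g_num_classes++;
    memset(&g_classes[cls], 0, sizeof g_classes[cls]);
    g_classes[cls].in_use = 1;
    return cls;
}

static exdata_class *lookup_class(int cls)
{
    if (cls < 0 || cls >= g_num_classes || !g_classes[cls].in_use)
        return NULL;
    return &g_classes[cls];
}

int EXDATA_get_new_index(int cls, exdata_free_fn free_fn)
{
    exdata_class *c = lookup_class(cls);
    if (c == NULL || c->next_index >= EXDATA_MAX_INDEXES)
        return -1;
    int idx = c->next_index++;
    c->free_fn[idx] = free_fn;
    return idx;
}

int EXDATA_new(int cls, exdata *ad)
{
    if (lookup_class(cls) == NULL)
        return 0;
    ad->class_index = cls;
    memset(ad->slot, 0, sizeof ad->slot);
    return 1;
}

int EXDATA_set(exdata *ad, int idx, void *val)
{
    exdata_class *c = lookup_class(ad->class_index);
    if (c == NULL || idx < 0 || idx >= c->next_index)
        return 0;               /* unregistered index: refuse, don't store */
    ad->slot[idx] = val;
    return 1;
}

void *EXDATA_get(const exdata *ad, int idx)
{
    const exdata_class *c = lookup_class(ad->class_index);
    if (c == NULL || idx < 0 || idx >= c->next_index)
        return NULL;
    return ad->slot[idx];
}

/* Called from the owning object's *_free(): runs each index's free callback. */
void EXDATA_free(void *parent, exdata *ad)
{
    exdata_class *c = lookup_class(ad->class_index);
    if (c == NULL)
        return;
    for (int i = 0; i < c->next_index; i++)
        if (c->free_fn[i] != NULL && ad->slot[i] != NULL)
            c->free_fn[i](parent, ad->slot[i], i);
    memset(ad->slot, 0, sizeof ad->slot);
}

/* Analogue of CRYPTO_cleanup_all_ex_data(): release the central registry. */
void EXDATA_cleanup_all(void) { memset(g_classes, 0, sizeof g_classes); g_num_classes = 0; }
int  EXDATA_num_classes(void) { return g_num_classes; }

/* --- demonstration with constructed data --- */
static int g_freed;
static void count_free(void *parent, void *ptr, int idx) { (void)parent; (void)idx; free(ptr); g_freed++; }

/* Two classes (think RSA and BIO) each get index 0 from their own counter, the
   attached heap data is released via the callback, and the registry is torn
   down. Returns 1 when every check holds. */
int exdata_demo(void)
{
    EXDATA_cleanup_all();
    g_freed = 0;
    int cls_a = EXDATA_new_class(), cls_b = EXDATA_new_class();
    int idx_a = EXDATA_get_new_index(cls_a, count_free);
    int idx_b = EXDATA_get_new_index(cls_b, count_free);
    if (cls_a != 0 || cls_b != 1 || idx_a != 0 || idx_b != 0)
        return 0;                         /* counters must be per class */
    exdata obj_a, obj_b;
    if (!EXDATA_new(cls_a, &obj_a) || !EXDATA_new(cls_b, &obj_b))
        return 0;
    char *tag = malloc(16);               /* constructed application state */
    if (tag == NULL || !EXDATA_set(&obj_a, idx_a, tag))
        return 0;
    if (EXDATA_get(&obj_a, idx_a) != tag || EXDATA_get(&obj_b, idx_b) != NULL)
        return 0;
    if (EXDATA_set(&obj_a, 1, tag))       /* index 1 never registered for A */
        return 0;
    EXDATA_free(NULL, &obj_a);
    EXDATA_free(NULL, &obj_b);
    if (g_freed != 1)
        return 0;
    EXDATA_cleanup_all();
    return EXDATA_num_classes() == 0;
}

int main(void)
{
    printf("ex_data demo: %s\n", exdata_demo() ? "ok" : "FAILED");
    return 0;
}
```

     The point to carry over to real code is the last step: an application
     that never calls the cleanup function keeps the registry alive until
     exit, which is exactly the leak the entry says memory debugging will
     now report instead of hiding.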

  *) Make it possible to replace the underlying "ERR" functions such that the
     global state (2 LHASH tables and 2 locks) is only used by the "default"
     implementation. This change also adds two functions to "get" and "set"
     the implementation prior to it being automatically set the first time
     any other ERR function takes place. Ie. an application can call "get",
     pass the return value to a module it has just loaded, and that module
     can call its own "set" function using that value. This means the
     module's "ERR" operations will use (and modify) the error state in the
     application and not in its own statically linked copy of OpenSSL code.
     [Geoff Thorpe]

  *) Give DH, DSA, and RSA types their own "**_up_ref()" function to increment
     reference counts. This performs normal REF_PRINT/REF_CHECK macros on
     the operation, and provides a more encapsulated way for external code
     (crypto/evp/ and ssl/) to do this. Also changed the evp and ssl code
     to use these functions rather than manually incrementing the counts.

     Also rename "DSO_up()" function to more descriptive "DSO_up_ref()".
     [Geoff Thorpe]

  *) Add EVP test program.
     [Ben Laurie]

  *) Add symmetric cipher support to ENGINE. Expect the API to change!
     [Ben Laurie]

  *) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name()
     X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(),
     X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate().
     These allow a CRL to be built without having to access X509_CRL fields
     directly. Modify 'ca' application to use new functions.
     [Steve Henson]

  *) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended
     bug workarounds. Rollback attack detection is a security feature.
     The problem will only arise on OpenSSL servers when TLSv1 is not
     available (sslv3_server_method() or SSL_OP_NO_TLSv1).
     Software authors not wanting to support TLSv1 will have special reasons
     for their choice and can explicitly enable this option.
     [Bodo Moeller, Lutz Jaenicke]
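     The check that SSL_OP_TLS_ROLLBACK_BUG relaxes, as an added example in
     plain C that is not OpenSSL's own key-exchange code: per RFC 2246
     section 7.4.7.1 the client writes client_version, the highest version it
     supports, into the first two bytes of the 48-byte premaster secret, and
     the server compares those bytes with the version it saw in ClientHello.
     A client that instead wrote the negotiated version fails on an SSLv3-only
     server, which is the case the entry describes. OPT_TLS_ROLLBACK_BUG is a
     hypothetical flag standing in for the real option, and the 46 "random"
     bytes are constructed.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define PREMASTER_LEN 48
#define VERSION_SSL3  0x0300u
#define VERSION_TLS1  0x0301u

/* Hypothetical option bit with the semantics of SSL_OP_TLS_ROLLBACK_BUG. */
#define OPT_TLS_ROLLBACK_BUG 0x1UL

/* Client side: client_version (the client's highest supported version) in
   the first two bytes, followed by 46 random bytes (RFC 2246, 7.4.7.1). */
void make_premaster(uint8_t out[PREMASTER_LEN], unsigned version_field,
                    const uint8_t rnd[PREMASTER_LEN - 2])
{
    out[0] = (uint8_t)(version_field >> 8);
    out[1] = (uint8_t)(version_field & 0xff);
    memcpy(out + 2, rnd, PREMASTER_LEN - 2);
}

/* Server side after RSA decryption: 1 = accept, 0 = reject as a possible
   version roll-back. */
int server_check_premaster(const uint8_t pms[PREMASTER_LEN],
                           unsigned client_hello_version,
                           unsigned negotiated_version,
                           unsigned long options)
{
    unsigned embedded = ((unsigned)pms[0] << 8) | pms[1];

    if (embedded == client_hello_version)
        return 1;                           /* conformant client */

    /* Old clients wrote the negotiated version instead of their maximum.
       Tolerate that only if the application explicitly asked for it. */
    if ((options & OPT_TLS_ROLLBACK_BUG) && embedded == negotiated_version)
        return 1;

    return 0;
}

/* One scenario end to end, with constructed (not real) randomness. */
int check_scenario(unsigned version_in_pms, unsigned client_hello_version,
                   unsigned negotiated_version, unsigned long options)
{
    uint8_t rnd[PREMASTER_LEN - 2];
    uint8_t pms[PREMASTER_LEN];
    memset(rnd, 0x5a, sizeof rnd);          /* constructed sample bytes */
    make_premaster(pms, version_in_pms, rnd);
    return server_check_premaster(pms, client_hello_version,
                                  negotiated_version, options);
}

int main(void)
{
    /* SSLv3-only server: negotiated version is SSLv3, client offered TLSv1. */
    printf("conformant TLSv1 client, strict:        %d\n",
           check_scenario(VERSION_TLS1, VERSION_TLS1, VERSION_SSL3, 0));
    printf("buggy client (wrote SSLv3), strict:     %d\n",
           check_scenario(VERSION_SSL3, VERSION_TLS1, VERSION_SSL3, 0));
    printf("buggy client, workaround enabled:       %d\n",
           check_scenario(VERSION_SSL3, VERSION_TLS1, VERSION_SSL3,
                          OPT_TLS_ROLLBACK_BUG));
    printf("ClientHello downgraded in transit:      %d\n",
           check_scenario(VERSION_TLS1, VERSION_SSL3, VERSION_SSL3,
                          OPT_TLS_ROLLBACK_BUG));
    return 0;
}
```

     The last scenario is the attack the check exists for: the ClientHello
     version was rewritten to SSLv3 on the wire, but the premaster secret
     still carries TLSv1, so it is rejected even with the workaround on.
     A TLSv1-capable server never needs the option, because a conformant
     TLSv1 client negotiates TLSv1 and all three version fields agree.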

  *) Rationalise EVP so it can be extended: don't include a union of
     cipher/digest structures, add init/cleanup functions for EVP_MD_CTX
     (similar to those existing for EVP_CIPHER_CTX).
     Usage example:

         EVP_MD_CTX md;

         EVP_MD_CTX_init(&md);             /* new function call */
         EVP_DigestInit(&md, EVP_sha1());
         EVP_DigestUpdate(&md, in, len);
         EVP_DigestFinal(&md, out, NULL);
         EVP_MD_CTX_cleanup(&md);          /* new function call */

     [Ben Laurie]

  *) Make DES key schedule conform to the usual scheme, as well as
     correcting its structure. This means that calls to DES functions
     now have to pass a pointer to a des_key_schedule instead of a
     plain des_key_schedule (which was actually always a pointer
     anyway): E.g.,

         des_key_schedule ks;

         des_set_key_checked(..., &ks);
         des_ncbc_encrypt(..., &ks, ...);

     (Note that a later change renames 'des_...' into 'DES_...'.)
     [Ben Laurie]

  *) Initial reduction of linker bloat: the use of some functions, such as
     PEM causes large amounts of unused functions to be linked in due to
     poor organisation. For example pem_all.c contains every PEM function
     which has a knock on effect of linking in large amounts of (unused)
     ASN1 code. Grouping together similar functions and splitting unrelated
     functions prevents this.
     [Steve Henson]

  *) Cleanup of EVP macros.
     [Ben Laurie]

  *) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the
     correct _ecb suffix.
     [Ben Laurie]

  *) Add initial OCSP responder support to ocsp application. The
     revocation information is handled using the text based index
     used by the ca application. The responder can either handle
     requests generated internally, supplied in files (for example
     via a CGI script) or using an internal minimal server.
     [Steve Henson]

  *) Add configuration choices to get zlib compression for TLS.
     [Richard Levitte]

  *) Changes to Kerberos SSL for RFC 2712 compliance:
     1.  Implemented real KerberosWrapper, instead of just using
         KRB5 AP_REQ message.  [Thanks to Simon Wilkinson <sxw@sxw.org.uk>]
     2.  Implemented optional authenticator field of KerberosWrapper.

     Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,
     and authenticator structs; see crypto/krb5/.

     Generalized Kerberos calls to support multiple Kerberos libraries.
     [Vern Staats <staatsvr@asc.hpc.mil>,
      Jeffrey Altman <jaltman@columbia.edu>
      via Richard Levitte]

  *) Cause 'openssl speed' to use fully hard-coded DSA keys as it
     already does with RSA. testdsa.h now has 'priv_key/pub_key'
     values for each of the key sizes rather than having just
     parameters (and 'speed' generating keys each time).
     [Geoff Thorpe]

  *) Speed up EVP routines.
     Before:
encrypt
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
des-cbc           4408.85k     5560.51k     5778.46k     5862.20k     5825.16k
des-cbc           4389.55k     5571.17k     5792.23k     5846.91k     5832.11k
des-cbc           4394.32k     5575.92k     5807.44k     5848.37k     5841.30k
decrypt
des-cbc           3482.66k     5069.49k     5496.39k     5614.16k     5639.28k
des-cbc           3480.74k     5068.76k     5510.34k     5609.87k     5635.52k
des-cbc           3483.72k     5067.62k     5504.60k     5708.01k     5724.80k
     After:
encrypt
des-cbc           4660.16k     5650.19k     5807.19k     5827.13k     5783.32k
decrypt
des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
     [Ben Laurie]

  *) Added the OS2-EMX target.
     ["Brian Havard" <brianh@kheldar.apana.org.au> and Richard Levitte]

  *) Rewrite apps to use NCONF routines instead of the old CONF. New functions
     to support NCONF routines in extension code. New function CONF_set_nconf()
     to allow functions which take an NCONF to also handle the old LHASH
     structure: this means that the old CONF compatible routines can be
     retained (in particular wrt extensions) without having to duplicate the
     code. New function X509V3_add_ext_nconf_sk to add extensions to a stack.
     [Steve Henson]

  *) Enhance the general user interface with mechanisms for inner control
     and with possibilities to have yes/no kind of prompts.
     [Richard Levitte]

  *) Change all calls to low level digest routines in the library and
     applications to use EVP. Add missing calls to HMAC_cleanup() and
     don't assume HMAC_CTX can be copied using memcpy().
     [Verdon Walker <VWalker@novell.com>, Steve Henson]
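     Why HMAC_CTX must not be duplicated with memcpy(): the context owns
     heap-allocated digest state, so a plain struct copy leaves two contexts
     sharing one buffer, updates to either corrupt the other, and cleaning up
     both frees the buffer twice. The toy_ctx below is a constructed stand-in
     added for this page (not OpenSSL's HMAC_CTX or HMAC code) that exposes
     the alias and shows the deep copy a proper copy routine has to perform.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Stand-in for a context such as HMAC_CTX whose inner digest contexts hold
   heap-allocated md_data. Constructed for this example only. */
typedef struct {
    uint8_t *state;   /* heap-owned working state */
    size_t   len;
    uint64_t count;   /* bytes absorbed so far */
} toy_ctx;

int toy_ctx_init(toy_ctx *c, size_t len)
{
    c->state = calloc(len, 1);
    c->len = len;
    c->count = 0;
    return c->state != NULL;
}

/* Toy mixing step standing in for a digest update (not a real hash). */
void toy_ctx_update(toy_ctx *c, const uint8_t *in, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        size_t j = (size_t)(c->count % c->len);
        c->state[j] = (uint8_t)(c->state[j] * 31u + in[i]);
        c->count++;
    }
}

/* Correct copy: duplicate the pointed-to state, not just the pointer. */
int toy_ctx_copy(toy_ctx *dst, const toy_ctx *src)
{
    dst->state = malloc(src->len);
    if (dst->state == NULL)
        return 0;
    memcpy(dst->state, src->state, src->len);
    dst->len = src->len;
    dst->count = src->count;
    return 1;
}

/* Wipe and release the owned buffer; the analogue of HMAC_cleanup(). */
void toy_ctx_cleanup(toy_ctx *c)
{
    if (c->state != NULL) {
        memset(c->state, 0, c->len);
        free(c->state);
    }
    c->state = NULL;
    c->len = 0;
    c->count = 0;
}

/* memcpy() of the struct leaves both contexts pointing at ONE buffer.
   Returns 1 if the alias is present (it always is). */
int shallow_copy_aliases(void)
{
    toy_ctx a, b;
    if (!toy_ctx_init(&a, 16))
        return -1;
    memcpy(&b, &a, sizeof b);
    int aliased = (b.state == a.state);
    toy_ctx_cleanup(&a);   /* b.state now dangles; cleaning b too = double free */
    return aliased;
}

/* With the copy routine, the two contexts evolve independently. Returns 1
   when the copy is distinct and both histories are intact. */
int deep_copy_is_independent(void)
{
    static const uint8_t msg[] = "constructed sample input";   /* 24 bytes */
    toy_ctx a, b;
    if (!toy_ctx_init(&a, 16))
        return -1;
    toy_ctx_update(&a, msg, 8);
    if (!toy_ctx_copy(&b, &a)) {
        toy_ctx_cleanup(&a);
        return -1;
    }
    toy_ctx_update(&b, msg + 8, sizeof msg - 1 - 8);
    int ok = (b.state != a.state) && a.count == 8
             && b.count == sizeof msg - 1
             && memcmp(a.state, b.state, 16) != 0;
    toy_ctx_cleanup(&a);
    toy_ctx_cleanup(&b);   /* safe: b owns its own buffer */
    return ok;
}

int main(void)
{
    printf("memcpy copy aliases state: %d\n", shallow_copy_aliases());
    printf("copy routine independent:  %d\n", deep_copy_is_independent());
    return 0;
}
```

     The same reasoning is why the entry adds the missing HMAC_cleanup()
     calls: a context that is never cleaned up leaks its buffer, and one that
     was memcpy()'d and then cleaned up twice corrupts the heap.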

  *) Add the possibility to control engines through control names but with
     arbitrary arguments instead of just a string.
     Change the key loaders to take a UI_METHOD instead of a callback
     function pointer.  NOTE: this breaks binary compatibility with earlier
     versions of OpenSSL [engine].
     Adapt the nCipher code for these new conditions and add a card insertion
     callback.
     [Richard Levitte]

  *) Enhance the general user interface with mechanisms to better support
     dialog box interfaces, application-defined prompts, the possibility
     to use defaults (for example default passwords from somewhere else)
     and interrupts/cancellations.
     [Richard Levitte]

  *) Tidy up PKCS#12 attribute handling. Add support for the CSP name
     attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
     [Steve Henson]

  *) Fix a memory leak in 'sk_dup()' in the case reallocation fails. (Also
     tidy up some unnecessarily weird code in 'sk_new()').
     [Geoff, reported by Diego Tartara <dtartara@novamens.com>]

  *) Change the key loading routines for ENGINEs to use the same kind of
     callback (pem_password_cb) as all other routines that need this
     kind of callback.
     [Richard Levitte]

  *) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with
     256 bit (=32 byte) keys. Of course seeding with more entropy bytes
     than this minimum value is recommended.
     [Lutz Jaenicke]

  *) New random seeder for OpenVMS, using the system process statistics
     that are easily reachable.
     [Richard Levitte]

  *) Windows apparently can't transparently handle global
     variables defined in DLLs. Initialisations such as:

        const ASN1_ITEM *it = &ASN1_INTEGER_it;

     won't compile. This is used by any applications that need to
     declare their own ASN1 modules. This was fixed by adding the option
     EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly
     needed for static libraries under Win32.
     [Steve Henson]

  *) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle
     setting of purpose and trust fields. New X509_STORE trust and
     purpose functions and tidy up setting in other SSL functions.
     [Steve Henson]

  *) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE
     structure. These are inherited by X509_STORE_CTX when it is
     initialised. This allows various defaults to be set in the
     X509_STORE structure (such as flags for CRL checking and custom
     purpose or trust settings) for functions which only use X509_STORE_CTX
     internally such as S/MIME.

     Modify X509_STORE_CTX_purpose_inherit() so it only sets purposes and
     trust settings if they are not set in X509_STORE. This allows X509_STORE
     purposes and trust (in S/MIME for example) to override any set by default.
| 4920 | 2018 | |||||
| 4921 | Add c ommand lin e options for CRL ch ecking to smime, s_c lient and s_server | 2019 | Add c ommand lin e options for CRL ch ecking to smime, s_c lient and s_server | |||
| 4922 | appli cations. | 2020 | appli cations. | |||
| 4923 | [Stev e Henson] | 2021 | [Stev e Henson] | |||
| 4924 | 2022 | |||||
| 4925 | *) Initi al CRL bas ed revocat ion checki ng. If the CRL check ing flag(s ) | 2023 | *) Initi al CRL bas ed revocat ion checki ng. If the CRL check ing flag(s ) | |||
| 4926 | are s et then th e CRL is l ooked up i n the X509 _STORE str ucture and | 2024 | are s et then th e CRL is l ooked up i n the X509 _STORE str ucture and | |||
| 4927 | its v alidity an d signatur e checked, then if t he certifi cate is fo und | 2025 | its v alidity an d signatur e checked, then if t he certifi cate is fo und | |||
| 4928 | in th e CRL the verify fai ls with a revoked er ror. | 2026 | in th e CRL the verify fai ls with a revoked er ror. | |||
| 4929 | 2027 | |||||
| 4930 | Vario us new CRL related c allbacks a dded to X5 09_STORE_C TX structu re. | 2028 | Vario us new CRL related c allbacks a dded to X5 09_STORE_C TX structu re. | |||
| 4931 | 2029 | |||||
| 4932 | Comma nd line op tions adde d to 'veri fy' applic ation to s upport thi s. | 2030 | Comma nd line op tions adde d to 'veri fy' applic ation to s upport thi s. | |||
| 4933 | 2031 | |||||
| 4934 | This needs some additiona l work, su ch as bein g able to handle mul tiple | 2032 | This needs some additiona l work, su ch as bein g able to handle mul tiple | |||
| 4935 | CRLs with diffe rent times , extensio n based lo okup (rath er than ju st | 2033 | CRLs with diffe rent times , extensio n based lo okup (rath er than ju st | |||
| 4936 | by su bject name ) and ulti mately mor e complete V2 CRL ex tension | 2034 | by su bject name ) and ulti mately mor e complete V2 CRL ex tension | |||
| 4937 | handl ing. | 2035 | handl ing. | |||
| 4938 | [Stev e Henson] | 2036 | [Stev e Henson] | |||
| 4939 | 2037 | |||||
| 4940 | *) Add a general u ser interf ace API (c rypto/ui/) . This is designed | 2038 | *) Add a general u ser interf ace API (c rypto/ui/) . This is designed | |||
| 4941 | to re place thin gs like de s_read_pas sword and friends (b ackward | 2039 | to re place thin gs like de s_read_pas sword and friends (b ackward | |||
| 4942 | compa tibility f unctions u sing this new API ar e provided ). | 2040 | compa tibility f unctions u sing this new API ar e provided ). | |||
| 4943 | The p urpose is to remove prompting functions from the D ES code | 2041 | The p urpose is to remove prompting functions from the D ES code | |||
| 4944 | secti on as well as provid e for prom pting thro ugh dialog boxes in | 2042 | secti on as well as provid e for prom pting thro ugh dialog boxes in | |||
| 4945 | a win dow system and the l ike. | 2043 | a win dow system and the l ike. | |||
| 4946 | [Rich ard Levitt e] | 2044 | [Rich ard Levitt e] | |||
| 4947 | 2045 | |||||
| 4948 | *) Add " ex_data" s upport to ENGINE so implementa tions can add state at a | 2046 | *) Add " ex_data" s upport to ENGINE so implementa tions can add state at a | |||
| 4949 | per-s tructure l evel rathe r than hav ing to sto re it glob ally. | 2047 | per-s tructure l evel rathe r than hav ing to sto re it glob ally. | |||
| 4950 | [Geof f] | 2048 | [Geof f] | |||
| 4951 | 2049 | |||||
| 4952 | *) Make it possibl e for ENGI NE structu res to be copied whe n retrieve d by | 2050 | *) Make it possibl e for ENGI NE structu res to be copied whe n retrieve d by | |||
| 4953 | ENGIN E_by_id() if the ENG INE specif ies a new flag: ENGI NE_FLAGS_B Y_ID_COPY. | 2051 | ENGIN E_by_id() if the ENG INE specif ies a new flag: ENGI NE_FLAGS_B Y_ID_COPY. | |||
| 4954 | This causes the "original " ENGINE s tructure t o act like a templat e, | 2052 | This causes the "original " ENGINE s tructure t o act like a templat e, | |||
| 4955 | analo gous to th e RSA vs. RSA_METHOD type of s eparation. Because o f this | 2053 | analo gous to th e RSA vs. RSA_METHOD type of s eparation. Because o f this | |||
| 4956 | opera tional sta te can be localised to each EN GINE struc ture, desp ite the | 2054 | opera tional sta te can be localised to each EN GINE struc ture, desp ite the | |||
| 4957 | fact they all s hare the s ame "metho ds". New E NGINE stru ctures ret urned in | 2055 | fact they all s hare the s ame "metho ds". New E NGINE stru ctures ret urned in | |||
| 4958 | this case have no functio nal refere nces and t he return value is t he single | 2056 | this case have no functio nal refere nces and t he return value is t he single | |||
| 4959 | struc tural refe rence. Thi s matches the single structura l referenc e returned | 2057 | struc tural refe rence. Thi s matches the single structura l referenc e returned | |||
| 4960 | by EN GINE_by_id () normall y, when it is increm ented on t he pre-exi sting | 2058 | by EN GINE_by_id () normall y, when it is increm ented on t he pre-exi sting | |||
| 4961 | ENGIN E structur e. | 2059 | ENGIN E structur e. | |||
| 4962 | [Geof f] | 2060 | [Geof f] | |||
| 4963 | 2061 | |||||
| 4964 | *) Fix A SN1 decode r when dec oding type ANY and V _ASN1_OTHE R: since t his | 2062 | *) Fix A SN1 decode r when dec oding type ANY and V _ASN1_OTHE R: since t his | |||
| 4965 | needs to match any other type at al l we need to manuall y clear th e | 2063 | needs to match any other type at al l we need to manuall y clear th e | |||
| 4966 | tag c ache. | 2064 | tag c ache. | |||
| 4967 | [Stev e Henson] | 2065 | [Stev e Henson] | |||
| 4968 | 2066 | |||||
| 4969 | *) Chang es to the "openssl e ngine" uti lity to in clude; | 2067 | *) Chang es to the "openssl e ngine" uti lity to in clude; | |||
| 4970 | - ver bosity lev els ('-v', '-vv', an d '-vvv') that provi de informa tion | 2068 | - ver bosity lev els ('-v', '-vv', an d '-vvv') that provi de informa tion | |||
| 4971 | abo ut an ENGI NE's avail able contr ol command s. | 2069 | abo ut an ENGI NE's avail able contr ol command s. | |||
| 4972 | - exe cuting con trol comma nds from c ommand lin e argument s using th e | 2070 | - exe cuting con trol comma nds from c ommand lin e argument s using th e | |||
| 4973 | '-p re' and '- post' swit ches. '-po st' is onl y used if '-t' is | 2071 | '-p re' and '- post' swit ches. '-po st' is onl y used if '-t' is | |||
| 4974 | spe cified and the ENGIN E is succe ssfully in itialised. The synta x for | 2072 | spe cified and the ENGIN E is succe ssfully in itialised. The synta x for | |||
| 4975 | the individua l commands are colon -separated , for exam ple; | 2073 | the individua l commands are colon -separated , for exam ple; | |||
| 4976 | o penssl eng ine chil - pre FORK_C HECK:0 -pr e SO_PATH: /lib/test. so | 2074 | o penssl eng ine chil - pre FORK_C HECK:0 -pr e SO_PATH: /lib/test. so | |||
| 4977 | [Geof f] | 2075 | [Geof f] | |||
| 4978 | 2076 | |||||
| 4979 | *) New d ynamic con trol comma nd support for ENGIN Es. ENGINE s can now | 2077 | *) New d ynamic con trol comma nd support for ENGIN Es. ENGINE s can now | |||
| 4980 | decla re their o wn command s (numbers ), names ( strings), descriptio ns, | 2078 | decla re their o wn command s (numbers ), names ( strings), descriptio ns, | |||
| 4981 | and i nput types for run-t ime discov ery by cal ling appli cations. A | 2079 | and i nput types for run-t ime discov ery by cal ling appli cations. A | |||
| 4982 | subse t of these commands are implic itly class ed as "exe cutable" | 2080 | subse t of these commands are implic itly class ed as "exe cutable" | |||
| 4983 | depen ding on th eir input type, and only these can be in voked thro ugh | 2081 | depen ding on th eir input type, and only these can be in voked thro ugh | |||
| 4984 | the n ew string- based API function E NGINE_ctrl _cmd_strin g(). (Eg. this | 2082 | the n ew string- based API function E NGINE_ctrl _cmd_strin g(). (Eg. this | |||
| 4985 | can b e based on user inpu t, config files, etc ). The dis tinction i s | 2083 | can b e based on user inpu t, config files, etc ). The dis tinction i s | |||
| 4986 | that "executabl e" command s cannot r eturn anyt hing other than a bo olean | 2084 | that "executabl e" command s cannot r eturn anyt hing other than a bo olean | |||
| 4987 | resul t and can only suppo rt numeric or string input, wh ereas some | 2085 | resul t and can only suppo rt numeric or string input, wh ereas some | |||
| 4988 | disco verable co mmands may only be f or direct use throug h | 2086 | disco verable co mmands may only be f or direct use throug h | |||
| 4989 | ENGIN E_ctrl(), eg. suppor ting the e xchange of binary da ta, functi on | 2087 | ENGIN E_ctrl(), eg. suppor ting the e xchange of binary da ta, functi on | |||
| 4990 | point ers, or ot her custom uses. The "executab le" comman ds are to | 2088 | point ers, or ot her custom uses. The "executab le" comman ds are to | |||
| 4991 | suppo rt paramet erisations of ENGINE behaviour that can be | 2089 | suppo rt paramet erisations of ENGINE behaviour that can be | |||
| 4992 | unamb iguously d efined by ENGINEs an d used con sistently across any | 2090 | unamb iguously d efined by ENGINEs an d used con sistently across any | |||
| 4993 | OpenS SL-based a pplication . Commands have been added to all the | 2091 | OpenS SL-based a pplication . Commands have been added to all the | |||
| 4994 | exist ing hardwa re-support ing ENGINE s, noticea bly "SO_PA TH" to all ow | 2092 | exist ing hardwa re-support ing ENGINE s, noticea bly "SO_PA TH" to all ow | |||
| 4995 | contr ol over sh ared-libra ry paths w ithout sou rce code a lterations . | 2093 | contr ol over sh ared-libra ry paths w ithout sou rce code a lterations . | |||
| 4996 | [Geof f] | 2094 | [Geof f] | |||
| 4997 | 2095 | |||||
| 4998 | *) Chang ed all ENG INE implem entations to dynamic ally alloc ate their | 2096 | *) Chang ed all ENG INE implem entations to dynamic ally alloc ate their | |||
| 4999 | ENGIN Es rather than decla ring them statically . Apart fr om this be ing | 2097 | ENGIN Es rather than decla ring them statically . Apart fr om this be ing | |||
| 5000 | neces sary with the remova l of the E NGINE_FLAG S_MALLOCED distincti on, | 2098 | neces sary with the remova l of the E NGINE_FLAG S_MALLOCED distincti on, | |||
| 5001 | this also allow s the impl ementation s to compi le without using the | 2099 | this also allow s the impl ementation s to compi le without using the | |||
| 5002 | inter nal engine _int.h hea der. | 2100 | inter nal engine _int.h hea der. | |||
| 5003 | [Geof f] | 2101 | [Geof f] | |||
| 5004 | 2102 | |||||
| 5005 | *) Minor adjustmen t to "rand " code. RA ND_get_ran d_method() now retur ns a | 2103 | *) Minor adjustmen t to "rand " code. RA ND_get_ran d_method() now retur ns a | |||
| 5006 | 'cons t' value. Any code t hat should be able t o modify a RAND_METH OD | 2104 | 'cons t' value. Any code t hat should be able t o modify a RAND_METH OD | |||
| 5007 | shoul d already have non-c onst point ers to it (ie. they should onl y | 2105 | shoul d already have non-c onst point ers to it (ie. they should onl y | |||
| 5008 | modif y their ow n ones). | 2106 | modif y their ow n ones). | |||
| 5009 | [Geof f] | 2107 | [Geof f] | |||
| 5010 | 2108 | |||||
| 5011 | *) Made a variety of little tweaks to the ENGINE code. | 2109 | *) Made a variety of little tweaks to the ENGINE code. | |||
| 5012 | - "at alla" and "ubsec" st ring defin itions wer e moved fr om header files | 2110 | - "at alla" and "ubsec" st ring defin itions wer e moved fr om header files | |||
| 5013 | to C code. "n uron" stri ng definit ions were placed in variables | 2111 | to C code. "n uron" stri ng definit ions were placed in variables | |||
| 5014 | rat her than h ard-coded - allowing parameter isation of these val ues | 2112 | rat her than h ard-coded - allowing parameter isation of these val ues | |||
| 5015 | lat er on via ctrl() com mands. | 2113 | lat er on via ctrl() com mands. | |||
| 5016 | - Rem oved unuse d "#if 0"' d code. | 2114 | - Rem oved unuse d "#if 0"' d code. | |||
| 5017 | - Fix ed engine list itera tion code so it uses ENGINE_fr ee() to re lease | 2115 | - Fix ed engine list itera tion code so it uses ENGINE_fr ee() to re lease | |||
| 5018 | str uctural re ferences. | 2116 | str uctural re ferences. | |||
| 5019 | - Con stified th e RAND_MET HOD elemen t of ENGIN E structur es. | 2117 | - Con stified th e RAND_MET HOD elemen t of ENGIN E structur es. | |||
| 5020 | - Con stified va rious get/ set functi ons as app ropriate a nd added | 2118 | - Con stified va rious get/ set functi ons as app ropriate a nd added | |||
| 5021 | mis sing funct ions (incl uding a ca tch-all EN GINE_cpy t hat duplic ates | 2119 | mis sing funct ions (incl uding a ca tch-all EN GINE_cpy t hat duplic ates | |||
| 5022 | all ENGINE va lues onto a new ENGI NE except reference counts/sta te). | 2120 | all ENGINE va lues onto a new ENGI NE except reference counts/sta te). | |||
| 5023 | - Rem oved NULL parameter checks in get/set fu nctions. S etting a m ethod | 2121 | - Rem oved NULL parameter checks in get/set fu nctions. S etting a m ethod | |||
| 5024 | or function t o NULL is a way of c ancelling out a prev iously set | 2122 | or function t o NULL is a way of c ancelling out a prev iously set | |||
| 5025 | val ue. Passi ng a NULL ENGINE par ameter is just plain stupid an yway | 2123 | val ue. Passi ng a NULL ENGINE par ameter is just plain stupid an yway | |||
| 5026 | and doesn't j ustify the extra err or symbols and code. | 2124 | and doesn't j ustify the extra err or symbols and code. | |||
| 5027 | - Dep recate the ENGINE_FL AGS_MALLOC ED define and move t he area fo r | 2125 | - Dep recate the ENGINE_FL AGS_MALLOC ED define and move t he area fo r | |||
| 5028 | fla gs from en gine_int.h to engine .h. | 2126 | fla gs from en gine_int.h to engine .h. | |||
| 5029 | - Cha nged proto types for ENGINE han dler funct ions (init (), finish (), | 2127 | - Cha nged proto types for ENGINE han dler funct ions (init (), finish (), | |||
| 5030 | ctr l(), key-l oad functi ons, etc) to take an (ENGINE*) parameter . | 2128 | ctr l(), key-l oad functi ons, etc) to take an (ENGINE*) parameter . | |||
| 5031 | [Geof f] | 2129 | [Geof f] | |||
| 5032 | 2130 | |||||
| 5033 | *) Imple ment binar y inversio n algorith m for BN_m od_inverse in additi on | 2131 | *) Imple ment binar y inversio n algorith m for BN_m od_inverse in additi on | |||
| 5034 | to th e algorith m using lo ng divisio n. The bi nary algor ithm can b e | 2132 | to th e algorith m using lo ng divisio n. The bi nary algor ithm can b e | |||
| 5035 | used only if th e modulus is odd. O n 32-bit s ystems, it is faster | 2133 | used only if th e modulus is odd. O n 32-bit s ystems, it is faster | |||
| 5036 | only for relati vely small moduli (r oughly 20- 30% for 12 8-bit modu li, | 2134 | only for relati vely small moduli (r oughly 20- 30% for 12 8-bit modu li, | |||
| 5037 | rough ly 5-15% f or 256-bit moduli), so we use it only fo r moduli | 2135 | rough ly 5-15% f or 256-bit moduli), so we use it only fo r moduli | |||
| 5038 | up to 450 bits. In 64-bi t environm ents, the binary alg orithm | 2136 | up to 450 bits. In 64-bi t environm ents, the binary alg orithm | |||
| 5039 | appea rs to be a dvantageou s for much longer mo duli; here we use it | 2137 | appea rs to be a dvantageou s for much longer mo duli; here we use it | |||
| 5040 | for m oduli up t o 2048 bit s. | 2138 | for m oduli up t o 2048 bit s. | |||
| 5041 | [Bodo Moeller] | 2139 | [Bodo Moeller] | |||
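
     Added example (not OpenSSL code): a word-sized C model of the two
     BN_mod_inverse strategies this entry describes, extended Euclid with
     long division and the binary shift-and-subtract variant that is valid
     only for an odd modulus; the function names, the uint64_t arithmetic
     and the 2^62 modulus bound are this example's own assumptions.

```c
/*
 * Added example, not OpenSSL code.  mod_inverse_euclid() is the classic
 * extended Euclid with long division (any modulus); mod_inverse_binary()
 * is the shift-and-subtract variant that only works for an odd modulus,
 * which is why BN_mod_inverse keeps both paths.  Moduli are limited to
 * 2^62 so that intermediate sums never overflow uint64_t (assumption).
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_MODULUS (UINT64_C(1) << 62)

/* Extended Euclid: t_i is the coefficient of a with t_i*a == r_i (mod n). */
static bool mod_inverse_euclid(uint64_t a, uint64_t n, uint64_t *out)
{
    if (n < 2 || n >= MAX_MODULUS)
        return false;
    uint64_t r0 = n, r1 = a % n;
    int64_t t0 = 0, t1 = 1;             /* 0*a == n, 1*a == a (mod n) */
    while (r1 != 0) {
        uint64_t q = r0 / r1;           /* the long-division step */
        uint64_t r2 = r0 - q * r1;
        int64_t t2 = t0 - (int64_t)q * t1;   /* |q*t1| <= 2n, no overflow */
        r0 = r1; r1 = r2;
        t0 = t1; t1 = t2;
    }
    if (r0 != 1)
        return false;                   /* gcd(a, n) != 1: no inverse */
    *out = (uint64_t)(t0 < 0 ? t0 + (int64_t)n : t0);
    return true;
}

/* y with 2*y == x (mod n); needs n odd and 0 <= x < n, keeps y < n. */
static uint64_t halve_mod(uint64_t x, uint64_t n)
{
    return (x & 1) ? (x + n) >> 1 : x >> 1;
}

static uint64_t sub_mod(uint64_t x, uint64_t y, uint64_t n)
{
    return x >= y ? x - y : x + (n - y);
}

/*
 * Binary inversion.  Invariants: x1*a == u and x2*a == v (mod n), with
 * x1, x2 reduced.  Every shift of u or v is mirrored by halve_mod(), which
 * is only well defined because 2 is invertible modulo an odd n.
 */
static bool mod_inverse_binary(uint64_t a, uint64_t n, uint64_t *out)
{
    if (n < 3 || (n & 1) == 0 || n >= MAX_MODULUS)
        return false;                   /* even modulus: caller must fall back */
    uint64_t u = a % n, v = n, x1 = 1, x2 = 0;
    if (u == 0)
        return false;
    while (u != 0) {
        while ((u & 1) == 0) { u >>= 1; x1 = halve_mod(x1, n); }
        while ((v & 1) == 0) { v >>= 1; x2 = halve_mod(x2, n); }
        if (u >= v) { u -= v; x1 = sub_mod(x1, x2, n); }   /* both odd here */
        else        { v -= u; x2 = sub_mod(x2, x1, n); }
    }
    if (v != 1)
        return false;                   /* gcd(a, n) != 1 */
    *out = x2;
    return true;
}

/* Wrappers for callers and tests: 0 means "no inverse" (0 is never an inverse). */
static uint64_t inverse_binary_or_zero(uint64_t a, uint64_t n)
{
    uint64_t r;
    return mod_inverse_binary(a, n, &r) ? r : 0;
}

static uint64_t inverse_euclid_or_zero(uint64_t a, uint64_t n)
{
    uint64_t r;
    return mod_inverse_euclid(a, n, &r) ? r : 0;
}

/* Regression check for the fast path: on an odd n both routines must agree
 * on every residue, including non-coprime ones where both must fail. */
static bool inverses_agree(uint64_t n)
{
    for (uint64_t a = 1; a < n; a++) {
        uint64_t rb = inverse_binary_or_zero(a, n);
        uint64_t re = inverse_euclid_or_zero(a, n);
        if (rb != re || (rb != 0 && (rb * a) % n != 1))  /* n small: no overflow */
            return false;
    }
    return true;
}

int main(void)
{
    printf("3^-1 mod 7 = %llu\n", (unsigned long long)inverse_binary_or_zero(3, 7));
    /* Even modulus: the binary path declines, the long-division path answers. */
    printf("17^-1 mod 3120: binary=%llu euclid=%llu\n",
           (unsigned long long)inverse_binary_or_zero(17, 3120),
           (unsigned long long)inverse_euclid_or_zero(17, 3120));
    printf("agree mod 1023: %s\n", inverses_agree(1023) ? "yes" : "no");
    return 0;
}
```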

  *) Rewrite CHOICE field setting in ASN1_item_ex_d2i(). The old code
     could not support the combine flag in choice fields.
     [Steve Henson]

  *) Add a 'copy_extensions' option to the 'ca' utility. This copies
     extensions from a certificate request to the certificate.
     [Steve Henson]

  *) Allow multiple 'certopt' and 'nameopt' options to be separated
     by commas. Add 'nameopt' and 'certopt' options to the 'ca' config
     file: this allows the display of the certificate about to be
     signed to be customised, to allow certain fields to be included
     or excluded and extension details. The old system didn't display
     multicharacter strings properly, omitted fields not in the policy
     and couldn't display additional details such as extensions.
     [Steve Henson]

  *) Function EC_POINTs_mul for multiple scalar multiplication
     of an arbitrary number of elliptic curve points
          \sum scalars[i]*points[i],
     optionally including the generator defined for the EC_GROUP:
          scalar*generator +  \sum scalars[i]*points[i].

     EC_POINT_mul is a simple wrapper function for the typical case
     that the point list has just one item (besides the optional
     generator).
     [Bodo Moeller]

  *) First EC_METHODs for curves over GF(p):

     EC_GFp_simple_method() uses the basic BN_mod_mul and BN_mod_sqr
     operations and provides various method functions that can also
     operate with faster implementations of modular arithmetic.

     EC_GFp_mont_method() reuses most functions that are part of
     EC_GFp_simple_method, but uses Montgomery arithmetic.

     [Bodo Moeller; point addition and point doubling
     implementation directly derived from source code provided by
     Lenka Fibikova <fibikova@exp-math.uni-essen.de>]

  *) Framework for elliptic curves (crypto/ec/ec.h, crypto/ec/ec_lcl.h,
     crypto/ec/ec_lib.c):

     Curves are EC_GROUP objects (with an optional group generator)
     based on EC_METHODs that are built into the library.

     Points are EC_POINT objects based on EC_GROUP objects.

     Most of the framework would be able to handle curves over arbitrary
     finite fields, but as there are no obvious types for fields other
     than GF(p), some functions are limited to that for now.
     [Bodo Moeller]

  *) Add the -HTTP option to s_server.  It is similar to -WWW, but requires
     that the file contains a complete HTTP response.
     [Richard Levitte]

  *) Add the ec directory to mkdef.pl and mkfiles.pl. In mkdef.pl
     change the def and num file printf format specifier from "%-40sXXX"
     to "%-39s XXX". The latter will always guarantee a space after the
     field while the former will cause them to run together if the field
     is 40 or more characters long.
     [Steve Henson]

  *) Constify the cipher and digest 'method' functions and structures
     and modify related functions to take constant EVP_MD and EVP_CIPHER
     pointers.
     [Steve Henson]

  *) Hide BN_CTX structure details in bn_lcl.h instead of publishing them
     in <openssl/bn.h>. Also further increase BN_CTX_NUM to 32.
     [Bodo Moeller]

  *) Modify EVP_Digest*() routines so they now return values. Although the
     internal software routines can never fail, additional hardware versions
     might.
     [Steve Henson]

  *) Clean up crypto/err/err.h and change some error codes to avoid conflicts:

     Previously ERR_R_FATAL was too small and coincided with ERR_LIB_PKCS7
     (= ERR_R_PKCS7_LIB); it is now 64 instead of 32.

     ASN1 error codes
            ERR_R_NESTED_ASN1_ERROR
            ...
            ERR_R_MISSING_ASN1_EOS
     were 4 .. 9, conflicting with
            ERR_LIB_RSA (= ERR_R_RSA_LIB)
            ...
            ERR_LIB_PEM (= ERR_R_PEM_LIB).
     They are now 58 .. 63 (i.e., just below ERR_R_FATAL).

     Add new error code 'ERR_R_INTERNAL_ERROR'.
     [Bodo Moeller]

  *) Don't overuse locks in crypto/err/err.c: For data retrieval, CRYPTO_r_lock
     suffices.
     [Bodo Moeller]

  *) New option '-subj arg' for 'openssl req' and 'openssl ca'.  This
     sets the subject name for a new request or supersedes the
     subject name in a given request. Formats that can be parsed are
         'CN=Some Name, OU=myOU, C=IT'
     and
         'CN=Some Name/OU=myOU/C=IT'.

     Add options '-batch' and '-verbose' to 'openssl req'.
     [Massimiliano Pala <madwolf@hackmasters.net>]

  *) Introduce the possibility to access global variables through
     functions on platforms where that's the best way to handle exporting
     global variables in shared libraries.  To enable this functionality,
     one must configure with "EXPORT_VAR_AS_FN" or define the C macro
     "OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
     is normally done by Configure or something similar).

     To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
     in the source file (foo.c) like this:

        OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
        OPENSSL_IMPLEMENT_GLOBAL(double,bar);

     To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
     and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:

        OPENSSL_DECLARE_GLOBAL(int,foo);
        #define foo OPENSSL_GLOBAL_REF(foo)
        OPENSSL_DECLARE_GLOBAL(double,bar);
        #define bar OPENSSL_GLOBAL_REF(bar)

     The #defines are very important, and therefore so is including the
     header file everywhere where the defined globals are used.

     The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
     of ASN.1 items, but that structure is a bit different.

     The largest change is in util/mkdef.pl which has been enhanced with
     better and easier to understand logic to choose which symbols should
     go into the Windows .def files as well as a number of fixes and code
     cleanup (among others, algorithm keywords are now sorted
     lexicographically to avoid constant rewrites).
     [Richard Levitte]
| 5187 | 2285 | |||||
| 5188 | *) In BN _div() kee p a copy o f the sign of 'num' before wri ting the | 2286 | *) In BN _div() kee p a copy o f the sign of 'num' before wri ting the | |||
| 5189 | resul t to 'rm' because if rm==num t he value w ill be ove rwritten | 2287 | resul t to 'rm' because if rm==num t he value w ill be ove rwritten | |||
| 5190 | and p roduce the wrong res ult if 'nu m' is nega tive: this caused | 2288 | and p roduce the wrong res ult if 'nu m' is nega tive: this caused | |||
| 5191 | probl ems with B N_mod() an d BN_nnmod (). | 2289 | probl ems with B N_mod() an d BN_nnmod (). | |||
| 5192 | [Stev e Henson] | 2290 | [Stev e Henson] | |||
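
A toy sign-magnitude model of the aliasing bug described in this entry, added here as an illustration and not OpenSSL's BIGNUM code: when the remainder output aliases the dividend, reading the dividend's sign after the remainder has been written returns the already-overwritten value, and the fix is to capture the sign first. The type sm_int, the two division routines and sm_nnmod are this example's own names.

```c
/* Toy sign-magnitude integer standing in for a BIGNUM in this example. */
typedef struct {
    unsigned long mag;   /* magnitude */
    int neg;             /* 1 if negative, 0 otherwise */
} sm_int;

/* Buggy truncated division: the remainder's sign is taken from num->neg
 * AFTER rm has been written. With rm == num that read sees the cleared
 * sign of the freshly stored remainder, so -7 / 3 yields remainder +1. */
int sm_div_buggy(sm_int *dv, sm_int *rm, const sm_int *num, const sm_int *d)
{
    if (d->mag == 0)
        return 0;
    unsigned long q = num->mag / d->mag, r = num->mag % d->mag;
    int qneg = (num->neg != d->neg) && q != 0;

    rm->mag = r;
    rm->neg = 0;                       /* remainder stored, sign reset */
    rm->neg = num->neg && r != 0;      /* too late: num may be rm */
    dv->mag = q;
    dv->neg = qneg;
    return 1;
}

/* Fixed version: the sign of num is copied out before any output is
 * touched, which is the change the entry above describes. */
int sm_div_fixed(sm_int *dv, sm_int *rm, const sm_int *num, const sm_int *d)
{
    if (d->mag == 0)
        return 0;
    int num_neg = num->neg;            /* saved before rm/dv are written */
    unsigned long q = num->mag / d->mag, r = num->mag % d->mag;

    rm->mag = r;
    rm->neg = num_neg && r != 0;
    dv->mag = q;
    dv->neg = (num_neg != d->neg) && q != 0;
    return 1;
}

/* Non-negative remainder in [0, |d|), the BN_nnmod() idea, built on the
 * division routine passed in. The remainder is written into the dividend
 * (rm == num), which is the aliasing case the entry talks about.
 * Returns -1 on division by zero. */
long sm_nnmod(int (*divfn)(sm_int *, sm_int *, const sm_int *, const sm_int *),
              long num, long d)
{
    sm_int n = { num < 0 ? -num : num, num < 0 };
    sm_int m = { d < 0 ? -d : d, d < 0 };
    sm_int dv;
    if (!divfn(&dv, &n, &n, &m))
        return -1;
    long r = n.neg ? -(long)n.mag : (long)n.mag;
    return r < 0 ? r + (long)m.mag : r;
}
```

Without aliasing both routines agree; the buggy one only goes wrong when the remainder overwrites the dividend before its sign is read.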

  *) Function OCSP_request_verify(). This checks the signature on an
     OCSP request and verifies the signer certificate. The signer
     certificate is just checked for a generic purpose and OCSP request
     trust settings.
     [Steve Henson]

  *) Add OCSP_check_validity() function to check the validity of OCSP
     responses. OCSP responses are prepared in real time and may only
     be a few seconds old. Simply checking that the current time lies
     between thisUpdate and nextUpdate may reject otherwise valid responses
     caused by either OCSP responder or client clock inaccuracy. Instead
     we allow thisUpdate and nextUpdate to fall within a certain period of
     the current time. The age of the response can also optionally be
     checked. Two new options -validity_period and -status_age added to
     ocsp utility.
     [Steve Henson]
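
As an added illustration of the tolerant window this entry describes (example code, not OpenSSL's OCSP_check_validity()), the check below accepts a status whose thisUpdate and nextUpdate fall within nsec seconds of the caller's clock and optionally rejects one whose thisUpdate is older than maxsec; the naive in-window test is shown beside it. The enum, function names and the constructed times are this example's own.

```c
#include <time.h>

/* Result codes for the added validity check (constructed for this example). */
enum ocsp_validity {
    OCSP_V_OK = 0,
    OCSP_V_NOT_YET_VALID,   /* thisUpdate lies too far in the future  */
    OCSP_V_TOO_OLD,         /* thisUpdate is older than maxsec allows */
    OCSP_V_EXPIRED,         /* nextUpdate is too far in the past      */
    OCSP_V_BAD_INTERVAL     /* nextUpdate precedes thisUpdate         */
};

/* The naive test the entry warns about: "now" must lie inside
 * [thisUpdate, nextUpdate]. A responder clock a few seconds ahead of
 * ours makes thisUpdate > now, and a perfectly fresh response is
 * rejected. nextupd == 0 stands for an absent nextUpdate field. */
int ocsp_naive_in_window(time_t now, time_t thisupd, time_t nextupd)
{
    return thisupd <= now && (nextupd == 0 || now <= nextupd);
}

/* Tolerant check modelled on the entry above:
 *   nsec    leeway in seconds for responder/client clock skew
 *           (what the ocsp utility's -validity_period sets)
 *   maxsec  maximum accepted age of thisUpdate in seconds, or a
 *           negative value to skip the age check (the -status_age idea)
 *   nextupd 0 means the responder did not include a nextUpdate field
 * Checks are ordered so the most specific reason is reported. */
enum ocsp_validity ocsp_check_validity_at(time_t now, time_t thisupd,
                                          time_t nextupd, long nsec,
                                          long maxsec)
{
    /* thisUpdate may be ahead of our clock, but only by nsec */
    if (thisupd > now + nsec)
        return OCSP_V_NOT_YET_VALID;
    /* optional freshness requirement on thisUpdate */
    if (maxsec >= 0 && thisupd < now - maxsec)
        return OCSP_V_TOO_OLD;
    if (nextupd != 0) {
        /* nextUpdate may be behind our clock, but only by nsec */
        if (nextupd < now - nsec)
            return OCSP_V_EXPIRED;
        /* an interval that ends before it starts is malformed */
        if (nextupd < thisupd)
            return OCSP_V_BAD_INTERVAL;
    }
    return OCSP_V_OK;
}
```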

  *) If signature or public key algorithm is unrecognized print out its
     OID rather than just UNKNOWN.
     [Steve Henson]

  *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
     OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
     ID to be generated from the issuer certificate alone which can then be
     passed to OCSP_id_issuer_cmp().
     [Steve Henson]

  *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
     ASN1 modules to export functions returning ASN1_ITEM pointers
     instead of the ASN1_ITEM structures themselves. This adds several
     new macros which allow the underlying ASN1 function/structure to
     be accessed transparently. As a result code should not use ASN1_ITEM
     references directly (such as &X509_it) but instead use the relevant
     macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
     use of the new ASN1 code on platforms where exporting structures
     is problematical (for example in shared libraries) but exporting
     functions returning pointers to structures is not.
     [Steve Henson]

  *) Add support for overriding the generation of SSL/TLS session IDs.
     These callbacks can be registered either in an SSL_CTX or per SSL.
     The purpose of this is to allow applications to control, if they wish,
     the arbitrary values chosen for use as session IDs, particularly as it
     can be useful for session caching in multiple-server environments. A
     command-line switch for testing this (and any client code that wishes
     to use such a feature) has been added to "s_server".
     [Geoff Thorpe, Lutz Jaenicke]

  *) Modify mkdef.pl to recognise and parse preprocessor conditionals
     of the form '#if defined(...) || defined(...) || ...' and
     '#if !defined(...) && !defined(...) && ...'. This also avoids
     the growing number of special cases it was previously handling.
     [Richard Levitte]

  *) Make all configuration macros available for application by making
     sure they are available in opensslconf.h, by giving them names starting
     with "OPENSSL_" to avoid conflicts with other packages and by making
     sure e_os2.h will cover all platform-specific cases together with
     opensslconf.h.
     Additionally, it is now possible to define configuration/platform-specific
     names (called "system identities"). In the C code, these
     are prefixed with "OPENSSL_SYSNAME_". e_os2.h will create another
     macro with the name beginning with "OPENSSL_SYS_", which is determined
     from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on
     what is available.
     [Richard Levitte]

  *) New option -set_serial to 'req' and 'x509' this allows the serial
     number to use to be specified on the command line. Previously self
     signed certificates were hard coded with serial number 0 and the
     CA options of 'x509' had to use a serial number in a file which was
     auto incremented.
     [Steve Henson]

  *) New options to 'ca' utility to support V2 CRL entry extensions.
     Currently CRL reason, invalidity date and hold instruction are
     supported. Add new CRL extensions to V3 code and some new objects.
     [Steve Henson]

  *) New function EVP_CIPHER_CTX_set_padding() this is used to
     disable standard block padding (aka PKCS#5 padding) in the EVP
     API, which was previously mandatory. This means that the data is
     not padded in any way and so the total length must be a multiple
     of the block size, otherwise an error occurs.
     [Steve Henson]

  *) Initial (incomplete) OCSP SSL support.
     [Steve Henson]

  *) New function OCSP_parse_url(). This splits up a URL into its host,
     port and path components: primarily to parse OCSP URLs. New -url
     option to ocsp utility.
     [Steve Henson]
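
An added parser for the host/port/path split that this entry describes (example code written for this section, not the library's OCSP_parse_url()): it understands http and https, fills in the scheme's default port when none is given, treats an empty path as "/", and rejects malformed input rather than returning partial results. The ocsp_url type and ocsp_url_split() are this example's own names; bracketed IPv6 hosts are assumed out of scope.

```c
#include <string.h>

/* Output of the added parser; buffers are fixed-size for the example. */
typedef struct {
    char host[256];
    char port[6];    /* decimal port as text, at most 5 digits */
    char path[1024];
    int  ssl;        /* 1 for https, 0 for http */
} ocsp_url;

/* Split "http[s]://host[:port][/path]" into its parts.
 * Returns 1 on success and 0 for anything malformed (unknown scheme,
 * empty host, empty or non-numeric port, component too long). On
 * failure the struct is zeroed so a caller cannot use partial results. */
int ocsp_url_split(const char *url, ocsp_url *out)
{
    const char *p;
    size_t n;

    memset(out, 0, sizeof *out);
    if (strncmp(url, "https://", 8) == 0) {
        out->ssl = 1;
        p = url + 8;
    } else if (strncmp(url, "http://", 7) == 0) {
        out->ssl = 0;
        p = url + 7;
    } else {
        return 0;
    }

    /* host runs up to the first ':' (port) or '/' (path) */
    n = strcspn(p, ":/");
    if (n == 0 || n >= sizeof out->host)
        return 0;
    memcpy(out->host, p, n);
    p += n;

    if (*p == ':') {
        p++;
        n = strcspn(p, "/");
        if (n == 0 || n >= sizeof out->port)
            goto fail;
        for (size_t i = 0; i < n; i++)
            if (p[i] < '0' || p[i] > '9')
                goto fail;
        memcpy(out->port, p, n);
        p += n;
    } else {
        /* no explicit port: use the scheme's default */
        strcpy(out->port, out->ssl ? "443" : "80");
    }

    if (*p == '\0')
        strcpy(out->path, "/");          /* empty path means the root */
    else if (strlen(p) < sizeof out->path)
        strcpy(out->path, p);
    else
        goto fail;
    return 1;

fail:
    memset(out, 0, sizeof *out);
    return 0;
}
```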

  *) New nonce behavior. The return value of OCSP_check_nonce() now
     reflects the various checks performed. Applications can decide
     whether to tolerate certain situations such as an absent nonce
     in a response when one was present in a request: the ocsp application
     just prints out a warning. New function OCSP_add1_basic_nonce()
     this is to allow responders to include a nonce in a response even if
     the request is nonce-less.
     [Steve Henson]

  *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are
     skipped when using openssl x509 multiple times on a single input file,
     e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs".
     [Bodo Moeller]

  *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
     set string type: to handle setting ASN1_TIME structures. Fix ca
     utility to correctly initialize revocation date of CRLs.
     [Steve Henson]

  *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
     the client's preferred ciphersuites and rather use its own preferences.
     Should help to work around M$ SGC (Server Gated Cryptography) bug in
     Internet Explorer by ensuring unchanged hash method during stepup.
     (Also replaces the broken/deactivated SSL_OP_NON_EXPORT_FIRST option.)
     [Lutz Jaenicke]

  *) Make mkdef.pl recognise all DECLARE_ASN1 macros, change rijndael
     to aes and add a new 'exist' option to print out symbols that don't
     appear to exist.
     [Steve Henson]

  *) Additional options to ocsp utility to allow flags to be set and
     additional certificates supplied.
     [Steve Henson]

  *) Add the option -VAfile to 'openssl ocsp', so the user can give the
     OCSP client a number of certificates to only verify the response
     signature against.
     [Richard Levitte]

  *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
     handle the new API. Currently only ECB, CBC modes supported. Add new
     AES OIDs.

     Add TLS AES ciphersuites as described in RFC3268, "Advanced
     Encryption Standard (AES) Ciphersuites for Transport Layer
     Security (TLS)". (In beta versions of OpenSSL 0.9.7, these were
     not enabled by default and were not part of the "ALL" ciphersuite
     alias because they were not yet official; they could be
     explicitly requested by specifying the "AESdraft" ciphersuite
     group alias. In the final release of OpenSSL 0.9.7, the group
     alias is called "AES" and is part of "ALL".)
     [Ben Laurie, Steve Henson, Bodo Moeller]

  *) New function OCSP_copy_nonce() to copy nonce value (if present) from
     request to response.
     [Steve Henson]

  *) Functions for OCSP responders. OCSP_request_onereq_count(),
     OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info()
     extract information from a certificate request. OCSP_response_create()
     creates a response and optionally adds a basic response structure.
     OCSP_basic_add1_status() adds a complete single response to a basic
     response and returns the OCSP_SINGLERESP structure just added (to allow
     extensions to be included for example). OCSP_basic_add1_cert() adds a
     certificate to a basic response and OCSP_basic_sign() signs a basic
     response with various flags. New helper functions ASN1_TIME_check()
     (checks validity of ASN1_TIME structure) and ASN1_TIME_to_generalizedtime()
     (converts ASN1_TIME to GeneralizedTime).
     [Steve Henson]

  *) Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
     in a single operation. X509_get0_pubkey_bitstr() extracts the public_key
     structure from a certificate. X509_pubkey_digest() digests the public_key
     contents: this is used in various key identifiers.
     [Steve Henson]

  *) Make sk_sort() tolerate a NULL argument.
     [Steve Henson reported by Massimiliano Pala <madwolf@comune.modena.it>]

  *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates
     passed by the function are trusted implicitly. If any of them signed the
     response then it is assumed to be valid and is not verified.
     [Steve Henson]

  *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
     to data. This was previously part of the PKCS7 ASN1 code. This
     was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.
     [Steve Henson, reported by Kenneth R. Robinette
      <support@securenetterm.com>]

  *) Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1
     routines: without these tracing memory leaks is very painful.
     Fix leaks in PKCS12 and PKCS7 routines.
     [Steve Henson]

  *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
     Previously it initialised the 'type' argument to V_ASN1_UTCTIME which
     effectively meant GeneralizedTime would never be used. Now it
     is initialised to -1 but X509_time_adj() now has to check the value
     and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or
     V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime.
     [Steve Henson, reported by Kenneth R. Robinette
      <support@securenetterm.com>]

  *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously
     result in a zero length in the ASN1_INTEGER structure which was
     not consistent with the structure when d2i_ASN1_INTEGER() was used
     and would cause ASN1_INTEGER_cmp() to fail. Enhance s2i_ASN1_INTEGER()
     to cope with hex and negative integers. Fix bug in i2a_ASN1_INTEGER()
     where it did not print out a minus for negative ASN1_INTEGER.
     [Steve Henson]

  *) Add summary printout to ocsp utility. The various functions which
     convert status values to strings have been renamed to:
     OCSP_response_status_str(), OCSP_cert_status_str() and
     OCSP_crl_reason_str() and are no longer static. New options
     to verify nonce values and to disable verification. OCSP response
     printout format cleaned up.
     [Steve Henson]

  *) Add additional OCSP certificate checks. These are those specified
     in RFC2560. This consists of two separate checks: the CA of the
     certificate being checked must either be the OCSP signer certificate
     or the issuer of the OCSP signer certificate. In the latter case the
     OCSP signer certificate must contain the OCSP signing extended key
     usage. This check is performed by attempting to match the OCSP
     signer or the OCSP signer CA to the issuerNameHash and issuerKeyHash
     in the OCSP_CERTID structures of the response.
     [Steve Henson]

  *) Initial OCSP certificate verification added to OCSP_basic_verify()
     and related routines. This uses the standard OpenSSL certificate
     verify routines to perform initial checks (just CA validity) and
     to obtain the certificate chain. Then additional checks will be
     performed on the chain. Currently the root CA is checked to see
     if it is explicitly trusted for OCSP signing. This is used to set
     a root CA as a global signing root: that is any certificate that
     chains to that CA is an acceptable OCSP signing certificate.
     [Steve Henson]

  *) New '-extfile ...' option to 'openssl ca' for reading X.509v3
     extensions from a separate configuration file.
     As when reading extensions from the main configuration file,
     the '-extensions ...' option may be used for specifying the
     section to use.
     [Massimiliano Pala <madwolf@comune.modena.it>]

  *) New OCSP utility. Allows OCSP requests to be generated or
     read. The request can be sent to a responder and the output
     parsed, output or printed in text form. Not complete yet:
     still needs to check the OCSP response validity.
     [Steve Henson]

  *) New subcommands for 'openssl ca':
     'openssl ca -status <serial>' prints the status of the cert with
     the given serial number (according to the index file).
     'openssl ca -updatedb' updates the expiry status of certificates
     in the index file.
     [Massimiliano Pala <madwolf@comune.modena.it>]

  *) New '-newreq-nodes' command option to CA.pl. This is like
     '-newreq', but calls 'openssl req' with the '-nodes' option
     so that the resulting key is not encrypted.
     [Damien Miller <djm@mindrot.org>]

  *) New configuration for the GNU Hurd.
     [Jonathan Bartlett <johnnyb@wolfram.com> via Richard Levitte]

  *) Initial code to implement OCSP basic response verify. This
     is currently incomplete. Currently just finds the signer's
     certificate and verifies the signature on the response.
     [Steve Henson]

  *) New SSLeay_version code SSLEAY_DIR to determine the compiled-in
     value of OPENSSLDIR. This is available via the new '-d' option
| 5464 | to 'o penssl ver sion', and is also i ncluded in 'openssl version -a '. | 2562 | to 'o penssl ver sion', and is also i ncluded in 'openssl version -a '. | |||
| 5465 | [Bodo Moeller] | 2563 | [Bodo Moeller] | |||
| 5466 | 2564 | |||||
| 5467 | *) Allow ing defini ng memory allocation callbacks that will be given | 2565 | *) Allow ing defini ng memory allocation callbacks that will be given | |||
| 5468 | file name and l ine number informati on in addi tional arg uments | 2566 | file name and l ine number informati on in addi tional arg uments | |||
| 5469 | (a co nst char* and an int ). The ba sic functi onality re mains, as | 2567 | (a co nst char* and an int ). The ba sic functi onality re mains, as | |||
| 5470 | well as the ori ginal poss ibility to just repl ace malloc (), | 2568 | well as the ori ginal poss ibility to just repl ace malloc (), | |||
| 5471 | reall oc() and f ree() by f unctions t hat do not know abou t these | 2569 | reall oc() and f ree() by f unctions t hat do not know abou t these | |||
| 5472 | addit ional argu ments. To register and find o ut the cur rent | 2570 | addit ional argu ments. To register and find o ut the cur rent | |||
| 5473 | setti ngs for ex tended all ocation fu nctions, t he followi ng | 2571 | setti ngs for ex tended all ocation fu nctions, t he followi ng | |||
| 5474 | funct ions are p rovided: | 2572 | funct ions are p rovided: | |||
| 5475 | 2573 | |||||
| 5476 | CR YPTO_set_m em_ex_func tions | 2574 | CR YPTO_set_m em_ex_func tions | |||
| 5477 | CR YPTO_set_l ocked_mem_ ex_functio ns | 2575 | CR YPTO_set_l ocked_mem_ ex_functio ns | |||
| 5478 | CR YPTO_get_m em_ex_func tions | 2576 | CR YPTO_get_m em_ex_func tions | |||
| 5479 | CR YPTO_get_l ocked_mem_ ex_functio ns | 2577 | CR YPTO_get_l ocked_mem_ ex_functio ns | |||
| 5480 | 2578 | |||||
| 5481 | These work the same way a s CRYPTO_s et_mem_fun ctions and friends. | 2579 | These work the same way a s CRYPTO_s et_mem_fun ctions and friends. | |||
| 5482 | CRYPT O_get_[loc ked_]mem_f unctions n ow writes 0 where su ch an | 2580 | CRYPT O_get_[loc ked_]mem_f unctions n ow writes 0 where su ch an | |||
| 5483 | exten ded alloca tion funct ion is ena bled. | 2581 | exten ded alloca tion funct ion is ena bled. | |||
| 5484 | Simil arly, CRYP TO_get_[lo cked_]mem_ ex_functio ns writes 0 where | 2582 | Simil arly, CRYP TO_get_[lo cked_]mem_ ex_functio ns writes 0 where | |||
| 5485 | a con ventional allocation function is enabled . | 2583 | a con ventional allocation function is enabled . | |||
| 5486 | [Rich ard Levitt e, Bodo Mo eller] | 2584 | [Rich ard Levitt e, Bodo Mo eller] | |||
| 5487 | 2585 | |||||
| 5488 | *) Finis h off remo ving the r emaining L HASH funct ion pointe r casts. | 2586 | *) Finis h off remo ving the r emaining L HASH funct ion pointe r casts. | |||
| 5489 | There should no longer be any proto type-casti ng require d when usi ng | 2587 | There should no longer be any proto type-casti ng require d when usi ng | |||
| 5490 | the L HASH abstr action, an d any cast s that rem ain are "b ugs". See | 2588 | the L HASH abstr action, an d any cast s that rem ain are "b ugs". See | |||
| 5491 | the c allback ty pes and ma cros at th e head of lhash.h fo r details | 2589 | the c allback ty pes and ma cros at th e head of lhash.h fo r details | |||
| 5492 | (and "OBJ_clean up" in cry pto/object s/obj_dat. c as an ex ample). | 2590 | (and "OBJ_clean up" in cry pto/object s/obj_dat. c as an ex ample). | |||
| 5493 | [Geof f Thorpe] | 2591 | [Geof f Thorpe] | |||
| 5494 | 2592 | |||||
| 5495 | *) Add a utomatic q uery of EG D sockets in RAND_po ll() for t he unix va riant. | 2593 | *) Add a utomatic q uery of EG D sockets in RAND_po ll() for t he unix va riant. | |||
| 5496 | If /d ev/[u]rand om devices are not a vailable o r do not r eturn enou gh | 2594 | If /d ev/[u]rand om devices are not a vailable o r do not r eturn enou gh | |||
| 5497 | entro py, EGD st yle socket s (served by EGD or PRNGD) wil l automati cally | 2595 | entro py, EGD st yle socket s (served by EGD or PRNGD) wil l automati cally | |||
| 5498 | be qu eried. | 2596 | be qu eried. | |||
| 5499 | The l ocations / var/run/eg d-pool, /d ev/egd-poo l, /etc/eg d-pool, an d | 2597 | The l ocations / var/run/eg d-pool, /d ev/egd-poo l, /etc/eg d-pool, an d | |||
| 5500 | /etc/ entropy wi ll be quer ied once e ach in thi s sequence , quering stops | 2598 | /etc/ entropy wi ll be quer ied once e ach in thi s sequence , quering stops | |||
| 5501 | when enough ent ropy was c ollected w ithout que rying more sockets. | 2599 | when enough ent ropy was c ollected w ithout que rying more sockets. | |||
| 5502 | [Lutz Jaenicke] | 2600 | [Lutz Jaenicke] | |||
| 5503 | 2601 | |||||
| 5504 | *) Chang e the Unix RAND_poll () variant to be abl e to poll several | 2602 | *) Chang e the Unix RAND_poll () variant to be abl e to poll several | |||
| 5505 | rando m devices, as specif ied by DEV RANDOM, un til a suff icient amo unt | 2603 | rando m devices, as specif ied by DEV RANDOM, un til a suff icient amo unt | |||
| 5506 | of da ta has bee n collecte d. We sp end at mos t 10 ms on each file | 2604 | of da ta has bee n collecte d. We sp end at mos t 10 ms on each file | |||
| 5507 | (sele ct timeout ) and read in non-bl ocking mod e. DEVRAN DOM now | 2605 | (sele ct timeout ) and read in non-bl ocking mod e. DEVRAN DOM now | |||
| 5508 | defau lts to the list "/de v/urandom" , "/dev/ra ndom", "/d ev/srandom " | 2606 | defau lts to the list "/de v/urandom" , "/dev/ra ndom", "/d ev/srandom " | |||
| 5509 | (prev iously it was just t he string "/dev/uran dom"), so on typical | 2607 | (prev iously it was just t he string "/dev/uran dom"), so on typical | |||
| 5510 | platf orms the 1 0 ms delay will neve r occur. | 2608 | platf orms the 1 0 ms delay will neve r occur. | |||
| 5511 | Also separate o ut the Uni x variant to its own file, ran d_unix.c. | 2609 | Also separate o ut the Uni x variant to its own file, ran d_unix.c. | |||
| 5512 | For V MS, there' s a curren tly-empty rand_vms.c . | 2610 | For V MS, there' s a curren tly-empty rand_vms.c . | |||
| 5513 | [Rich ard Levitt e] | 2611 | [Rich ard Levitt e] | |||
| 5514 | 2612 | |||||
| 5515 | *) Move OCSP clien t related routines t o ocsp_cl. c. These | 2613 | *) Move OCSP clien t related routines t o ocsp_cl. c. These | |||
| 5516 | provi de utility functions which an applicatio n needing | 2614 | provi de utility functions which an applicatio n needing | |||
| 5517 | to is sue a requ est to an OCSP respo nder and a nalyse the | 2615 | to is sue a requ est to an OCSP respo nder and a nalyse the | |||
| 5518 | respo nse will t ypically n eed: as op posed to t hose which an | 2616 | respo nse will t ypically n eed: as op posed to t hose which an | |||
| 5519 | OCSP responder itself wou ld need wh ich will b e added la ter. | 2617 | OCSP responder itself wou ld need wh ich will b e added la ter. | |||
| 5520 | 2618 | |||||
| 5521 | OCSP_ request_si gn() signs an OCSP r equest wit h an API s imilar | 2619 | OCSP_ request_si gn() signs an OCSP r equest wit h an API s imilar | |||
| 5522 | to PK CS7_sign() . OCSP_res ponse_stat us() retur ns status of OCSP | 2620 | to PK CS7_sign() . OCSP_res ponse_stat us() retur ns status of OCSP | |||
| 5523 | respo nse. OCSP_ response_g et1_basic( ) extracts basic res ponse | 2621 | respo nse. OCSP_ response_g et1_basic( ) extracts basic res ponse | |||
| 5524 | from response. OCSP_resp_ find_statu s(): finds and extra cts status | 2622 | from response. OCSP_resp_ find_statu s(): finds and extra cts status | |||
| 5525 | infor mation fro m an OCSP_ CERTID str ucture (wh ich will b e created | 2623 | infor mation fro m an OCSP_ CERTID str ucture (wh ich will b e created | |||
| 5526 | when the reques t structur e is built ). These a re built f rom lower | 2624 | when the reques t structur e is built ). These a re built f rom lower | |||
| 5527 | level functions which wor k on OCSP_ SINGLERESP structure s but | 2625 | level functions which wor k on OCSP_ SINGLERESP structure s but | |||
| 5528 | wont normally b e used unl ess the ap plication wishes to examine | 2626 | wont normally b e used unl ess the ap plication wishes to examine | |||
| 5529 | exten sions in t he OCSP re sponse for example. | 2627 | exten sions in t he OCSP re sponse for example. | |||
| 5530 | 2628 | |||||
| 5531 | Repla ce nonce r outines wi th a pair of functio ns. | 2629 | Repla ce nonce r outines wi th a pair of functio ns. | |||
| 5532 | OCSP_ request_ad d1_nonce() adds a no nce value and option ally | 2630 | OCSP_ request_ad d1_nonce() adds a no nce value and option ally | |||
| 5533 | gener ates a ran dom value. OCSP_chec k_nonce() checks the | 2631 | gener ates a ran dom value. OCSP_chec k_nonce() checks the | |||
| 5534 | valid ity of the nonce in an OCSP re sponse. | 2632 | valid ity of the nonce in an OCSP re sponse. | |||
| 5535 | [Stev e Henson] | 2633 | [Stev e Henson] | |||
| 5536 | 2634 | |||||
| 5537 | *) Chang e function OCSP_requ est_add() to OCSP_re quest_add0 _id(). | 2635 | *) Chang e function OCSP_requ est_add() to OCSP_re quest_add0 _id(). | |||
| 5538 | This doesn't co py the sup plied OCSP _CERTID an d avoids t he | 2636 | This doesn't co py the sup plied OCSP _CERTID an d avoids t he | |||
| 5539 | need to free up the newly created i d. Change return typ e | 2637 | need to free up the newly created i d. Change return typ e | |||
| 5540 | to OC SP_ONEREQ to return the intern al OCSP_ON EREQ struc ture. | 2638 | to OC SP_ONEREQ to return the intern al OCSP_ON EREQ struc ture. | |||
| 5541 | This can then b e used to add extens ions to th e request. | 2639 | This can then b e used to add extens ions to th e request. | |||
| 5542 | Delet ed OCSP_re quest_new( ), since m ost of its functiona lity | 2640 | Delet ed OCSP_re quest_new( ), since m ost of its functiona lity | |||
| 5543 | is no w in OCSP_ REQUEST_ne w() (and t he case in sensitive name | 2641 | is no w in OCSP_ REQUEST_ne w() (and t he case in sensitive name | |||
| 5544 | clash ) apart fr om the abi lity to se t the requ est name w hich | 2642 | clash ) apart fr om the abi lity to se t the requ est name w hich | |||
| 5545 | will be added e lsewhere. | 2643 | will be added e lsewhere. | |||
| 5546 | [Stev e Henson] | 2644 | [Stev e Henson] | |||
| 5547 | 2645 | |||||
| 5548 | *) Updat e OCSP API . Remove o bsolete ex tensions a rgument fr om | 2646 | *) Updat e OCSP API . Remove o bsolete ex tensions a rgument fr om | |||
| 5549 | vario us functio ns. Extens ions are n ow handled using the new | 2647 | vario us functio ns. Extens ions are n ow handled using the new | |||
| 5550 | OCSP extension code. New simple OCS P HTTP fun ction whic h | 2648 | OCSP extension code. New simple OCS P HTTP fun ction whic h | |||
| 5551 | can b e used to send reque sts and pa rse the re sponse. | 2649 | can b e used to send reque sts and pa rse the re sponse. | |||
| 5552 | [Stev e Henson] | 2650 | [Stev e Henson] | |||
| 5553 | 2651 | |||||
| 5554 | *) Fix t he PKCS#7 (S/MIME) c ode to wor k with new ASN1. Two new | 2652 | *) Fix t he PKCS#7 (S/MIME) c ode to wor k with new ASN1. Two new | |||
| 5555 | ASN1_ ITEM struc tures help with sign and verif y. PKCS7_A TTR_SIGN | 2653 | ASN1_ ITEM struc tures help with sign and verif y. PKCS7_A TTR_SIGN | |||
| 5556 | uses the specia l reorder version of SET OF to sort the attributes | 2654 | uses the specia l reorder version of SET OF to sort the attributes | |||
| 5557 | and r eorder the m to match the encod ed order. This resol ves a long | 2655 | and r eorder the m to match the encod ed order. This resol ves a long | |||
| 5558 | stand ing proble m: a verif y on a PKC S7 structu re just af ter signin g | 2656 | stand ing proble m: a verif y on a PKC S7 structu re just af ter signin g | |||
| 5559 | it us ed to fail because t he attribu te order d id not mat ch the | 2657 | it us ed to fail because t he attribu te order d id not mat ch the | |||
| 5560 | encod ed order. PKCS7_ATTR _VERIFY do es not reo rder the a ttributes: | 2658 | encod ed order. PKCS7_ATTR _VERIFY do es not reo rder the a ttributes: | |||
| 5561 | it us es the rec eived orde r. This is necessary to tolera te some br oken | 2659 | it us es the rec eived orde r. This is necessary to tolera te some br oken | |||
| 5562 | softw are that d oes not or der SET OF . This is handled by encoding | 2660 | softw are that d oes not or der SET OF . This is handled by encoding | |||
| 5563 | as a SEQUENCE O F but usin g implicit tagging ( with UNIVE RSAL class ) | 2661 | as a SEQUENCE O F but usin g implicit tagging ( with UNIVE RSAL class ) | |||
| 5564 | to pr oduce the required S ET OF. | 2662 | to pr oduce the required S ET OF. | |||
| 5565 | [Stev e Henson] | 2663 | [Stev e Henson] | |||
| 5566 | 2664 | |||||
| 5567 | *) Have mk1mf.pl g enerate th e macros O PENSSL_BUI LD_SHLIBCR YPTO and | 2665 | *) Have mk1mf.pl g enerate th e macros O PENSSL_BUI LD_SHLIBCR YPTO and | |||
| 5568 | OPENS SL_BUILD_S HLIBSSL an d use them appropria tely in th e header | 2666 | OPENS SL_BUILD_S HLIBSSL an d use them appropria tely in th e header | |||
| 5569 | files to get co rrect decl arations o f the ASN. 1 item var iables. | 2667 | files to get co rrect decl arations o f the ASN. 1 item var iables. | |||
| 5570 | [Rich ard Levitt e] | 2668 | [Rich ard Levitt e] | |||
| 5571 | 2669 | |||||
| 5572 | *) Rewri te of PKCS #12 code t o use new ASN1 funct ionality. Replace ma ny | 2670 | *) Rewri te of PKCS #12 code t o use new ASN1 funct ionality. Replace ma ny | |||
| 5573 | PKCS# 12 macros with real functions. Fix two u nrelated A SN1 bugs: | 2671 | PKCS# 12 macros with real functions. Fix two u nrelated A SN1 bugs: | |||
| 5574 | asn1_ check_tlen () would s ometimes a ttempt to use 'ctx' when it wa s | 2672 | asn1_ check_tlen () would s ometimes a ttempt to use 'ctx' when it wa s | |||
| 5575 | NULL and ASN1_T YPE was no t derefere nced prope rly in asn 1_ex_c2i() . | 2673 | NULL and ASN1_T YPE was no t derefere nced prope rly in asn 1_ex_c2i() . | |||
| 5576 | New A SN1 macro: DECLARE_A SN1_ITEM() which jus t declares the relev ant | 2674 | New A SN1 macro: DECLARE_A SN1_ITEM() which jus t declares the relev ant | |||
| 5577 | ASN1_ ITEM and n o wrapper functions. | 2675 | ASN1_ ITEM and n o wrapper functions. | |||
| 5578 | [Stev e Henson] | 2676 | [Stev e Henson] | |||
| 5579 | 2677 | |||||
| 5580 | *) New f unctions o r ASN1_ite m_d2i_fp() and ASN1_ item_d2i_b io(). Thes e | 2678 | *) New f unctions o r ASN1_ite m_d2i_fp() and ASN1_ item_d2i_b io(). Thes e | |||
| 5581 | repla ce the old function pointer ba sed I/O ro utines. Ch ange most of | 2679 | repla ce the old function pointer ba sed I/O ro utines. Ch ange most of | |||
| 5582 | the * _d2i_bio() and *_d2i _fp() func tions to u se these. | 2680 | the * _d2i_bio() and *_d2i _fp() func tions to u se these. | |||
| 5583 | [Stev e Henson] | 2681 | [Stev e Henson] | |||
| 5584 | 2682 | |||||
| 5585 | *) Enhan ce mkdef.p l to be mo re accepti ng about s pacing in C preproce ssor | 2683 | *) Enhan ce mkdef.p l to be mo re accepti ng about s pacing in C preproce ssor | |||
| 5586 | lines , recognic e more "al gorithms" that can b e deselect ed, and ma ke | 2684 | lines , recognic e more "al gorithms" that can b e deselect ed, and ma ke | |||
| 5587 | it co mplain abo ut algorit hm deselec tion that isn't reco gnised. | 2685 | it co mplain abo ut algorit hm deselec tion that isn't reco gnised. | |||
| 5588 | [Rich ard Levitt e] | 2686 | [Rich ard Levitt e] | |||
| 5589 | 2687 | |||||
| 5590 | *) New A SN1 functi ons to han dle dup, s ign, verif y, digest, pack and | 2688 | *) New A SN1 functi ons to han dle dup, s ign, verif y, digest, pack and | |||
| 5591 | unpac k operatio ns in term s of ASN1_ ITEM. Modi fy existin g wrappers | 2689 | unpac k operatio ns in term s of ASN1_ ITEM. Modi fy existin g wrappers | |||
| 5592 | to us e new func tions. Add NO_ASN1_O LD which c an be set to remove | 2690 | to us e new func tions. Add NO_ASN1_O LD which c an be set to remove | |||
| 5593 | some old style ASN1 funct ions: this can be us ed to dete rmine if o ld | 2691 | some old style ASN1 funct ions: this can be us ed to dete rmine if o ld | |||
| 5594 | code will still work when these eve ntually go away. | 2692 | code will still work when these eve ntually go away. | |||
| 5595 | [Stev e Henson] | 2693 | [Stev e Henson] | |||
| 5596 | 2694 | |||||
| 5597 | *) New e xtension f unctions f or OCSP st ructures, these foll ow the | 2695 | *) New e xtension f unctions f or OCSP st ructures, these foll ow the | |||
| 5598 | same convention s as certi ficates an d CRLs. | 2696 | same convention s as certi ficates an d CRLs. | |||
| 5599 | [Stev e Henson] | 2697 | [Stev e Henson] | |||
| 5600 | 2698 | |||||
| 5601 | *) New f unction X5 09V3_add1_ i2d(). Thi s automati cally enco des and | 2699 | *) New f unction X5 09V3_add1_ i2d(). Thi s automati cally enco des and | |||
| 5602 | adds an extensi on. Its be haviour ca n be custo mised with various | 2700 | adds an extensi on. Its be haviour ca n be custo mised with various | |||
| 5603 | flags to append , replace or delete. Various w rappers ad ded for | 2701 | flags to append , replace or delete. Various w rappers ad ded for | |||
| 5604 | certi fcates and CRLs. | 2702 | certi fcates and CRLs. | |||
| 5605 | [Stev e Henson] | 2703 | [Stev e Henson] | |||
| 5606 | 2704 | |||||
| 5607 | *) Fix t o avoid ca lling the underlying ASN1 prin t routine when | 2705 | *) Fix t o avoid ca lling the underlying ASN1 prin t routine when | |||
| 5608 | an ex tension ca nnot be pa rsed. Corr ect a typo in the | 2706 | an ex tension ca nnot be pa rsed. Corr ect a typo in the | |||
| 5609 | OCSP_ SERVICELOC extension . Tidy up print OCSP format. | 2707 | OCSP_ SERVICELOC extension . Tidy up print OCSP format. | |||
| 5610 | [Stev e Henson] | 2708 | [Stev e Henson] | |||
| 5611 | 2709 | |||||
| 5612 | *) Make mkdef.pl p arse some of the ASN 1 macros a nd add apr opriate | 2710 | *) Make mkdef.pl p arse some of the ASN 1 macros a nd add apr opriate | |||
| 5613 | entri es for var iables. | 2711 | entri es for var iables. | |||
| 5614 | [Stev e Henson] | 2712 | [Stev e Henson] | |||
| 5615 | 2713 | |||||
| 5616 | *) Add f unctionali ty to apps /openssl.c for detec ting locki ng | 2714 | *) Add f unctionali ty to apps /openssl.c for detec ting locki ng | |||
| 5617 | probl ems: As th e program is single- threaded, all we hav e | 2715 | probl ems: As th e program is single- threaded, all we hav e | |||
| 5618 | to do is regist er a locki ng callbac k using an array for | 2716 | to do is regist er a locki ng callbac k using an array for | |||
| 5619 | stori ng which l ocks are c urrently h eld by the program. | 2717 | stori ng which l ocks are c urrently h eld by the program. | |||
| 5620 | [Bodo Moeller] | 2718 | [Bodo Moeller] | |||
| 5621 | 2719 | |||||
| 5622 | *) Use a lock arou nd the cal l to CRYPT O_get_ex_n ew_index() in | 2720 | *) Use a lock arou nd the cal l to CRYPT O_get_ex_n ew_index() in | |||
| 5623 | SSL_g et_ex_data _X509_STOR E_idx(), w hich is us ed in | 2721 | SSL_g et_ex_data _X509_STOR E_idx(), w hich is us ed in | |||
| 5624 | ssl_v erify_cert _chain() a nd thus ca n be calle d at any t ime | 2722 | ssl_v erify_cert _chain() a nd thus ca n be calle d at any t ime | |||
| 5625 | durin g TLS/SSL handshakes so that t hread-safe ty is esse ntial. | 2723 | durin g TLS/SSL handshakes so that t hread-safe ty is esse ntial. | |||
| 5626 | Unfor tunately, the ex_dat a design i s not at a ll suited | 2724 | Unfor tunately, the ex_dat a design i s not at a ll suited | |||
| 5627 | for m ulti-threa ded use, s o it proba bly should be abolis hed. | 2725 | for m ulti-threa ded use, s o it proba bly should be abolis hed. | |||
| 5628 | [Bodo Moeller] | 2726 | [Bodo Moeller] | |||
| 5629 | 2727 | |||||
| 5630 | *) Added Broadcom "ubsec" EN GINE to Op enSSL. | 2728 | *) Added Broadcom "ubsec" EN GINE to Op enSSL. | |||
| 5631 | [Broa dcom, twea ked and in tegrated b y Geoff Th orpe] | 2729 | [Broa dcom, twea ked and in tegrated b y Geoff Th orpe] | |||
| 5632 | 2730 | |||||
| 5633 | *) Move common ext ension pri nting code to new fu nction | 2731 | *) Move common ext ension pri nting code to new fu nction | |||
| 5634 | X509V 3_print_ex tensions() . Reorgani se OCSP pr int routin es and | 2732 | X509V 3_print_ex tensions() . Reorgani se OCSP pr int routin es and | |||
| 5635 | imple ment some needed OCS P ASN1 fun ctions. Ad d OCSP ext ensions. | 2733 | imple ment some needed OCS P ASN1 fun ctions. Ad d OCSP ext ensions. | |||
| 5636 | [Stev e Henson] | 2734 | [Stev e Henson] | |||
| 5637 | 2735 | |||||
| 5638 | *) New f unction X5 09_signatu re_print() to remove duplicati on in some | 2736 | *) New f unction X5 09_signatu re_print() to remove duplicati on in some | |||
| 5639 | print routines. | 2737 | print routines. | |||
| 5640 | [Stev e Henson] | 2738 | [Stev e Henson] | |||
| 5641 | 2739 | |||||
| 5642 | *) Add a special m eaning whe n SET OF a nd SEQUENC E OF flags are both | 2740 | *) Add a special m eaning whe n SET OF a nd SEQUENC E OF flags are both | |||
| 5643 | set ( this was t reated exa ctly the s ame as SET OF previo usly). Thi s | 2741 | set ( this was t reated exa ctly the s ame as SET OF previo usly). Thi s | |||
| 5644 | is us ed to reor der the ST ACK repres enting the structure to match the | 2742 | is us ed to reor der the ST ACK repres enting the structure to match the | |||
| 5645 | encod ing. This will be us ed to get round a pr oblem wher e a PKCS7 | 2743 | encod ing. This will be us ed to get round a pr oblem wher e a PKCS7 | |||
| 5646 | struc ture which was signe d could no t be verif ied becaus e the STAC K | 2744 | struc ture which was signe d could no t be verif ied becaus e the STAC K | |||
| 5647 | order did not r eflect the encoded o rder. | 2745 | order did not r eflect the encoded o rder. | |||
| 5648 | [Stev e Henson] | 2746 | [Stev e Henson] | |||
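The ordering problem behind this entry and the earlier PKCS#7 (S/MIME) entry, as an added example that is not OpenSSL's code: a minimal DER encoder showing why the attribute SET OF must be sorted before the signature is computed, how a verifier keeps the received order by emitting SEQUENCE OF content under the UNIVERSAL SET tag, and a check that reports whether a received SET is in DER order. The OIDs are the standard PKCS#9/PKCS#7 ones; the attribute values and the `split_tlvs`/`is_der_ordered` helpers are constructed for this example.

```python
# Added example, not OpenSSL code: DER SET OF ordering for signed attributes.
import hashlib

TAG_SEQUENCE = 0x30
TAG_SET = 0x31


def der_length(n):
    """DER definite-length encoding of a content length."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag, content):
    return bytes([tag]) + der_length(len(content)) + content


def der_set_of(elements):
    """DER SET OF (X.690 11.6): components sorted by their encodings, compared
    as octet strings with shorter ones padded with trailing zero octets."""
    width = max((len(e) for e in elements), default=0)
    ordered = sorted(elements, key=lambda e: e.ljust(width, b"\x00"))
    return der_tlv(TAG_SET, b"".join(ordered))


def set_of_received_order(elements):
    """SEQUENCE OF rules (keep the given order) but emitted with the SET tag:
    the verify-side encoding that tolerates signers which never sorted."""
    return der_tlv(TAG_SET, b"".join(elements))


def signed_attrs_digest(elements):
    """What a signature over signed attributes covers: the DER SET OF, so the
    digest must not depend on the in-memory (STACK) order."""
    return hashlib.sha256(der_set_of(elements)).hexdigest()


def split_tlvs(content):
    """Split concatenated DER TLVs (single-octet tags) into a list."""
    out, i = [], 0
    while i < len(content):
        start = i
        i += 1                                # tag octet
        first = content[i]
        i += 1
        if first & 0x80:                      # long-form length
            n = first & 0x7F
            length = int.from_bytes(content[i:i + n], "big")
            i += n
        else:
            length = first
        i += length
        out.append(content[start:i])
    return out


def is_der_ordered(set_der):
    """True if a received SET's components already follow DER order."""
    header = 2 + ((set_der[1] & 0x7F) if set_der[1] & 0x80 else 0)
    return der_set_of(split_tlvs(set_der[header:])) == set_der


def attribute(oid_der, value_der):
    """Attribute ::= SEQUENCE { type OBJECT IDENTIFIER, values SET OF ANY }"""
    return der_tlv(TAG_SEQUENCE, oid_der + der_set_of([value_der]))


# Standard OIDs: pkcs-9 contentType/messageDigest/signingTime, pkcs-7 data.
OID_CONTENT_TYPE = bytes.fromhex("06092a864886f70d010903")
OID_MESSAGE_DIGEST = bytes.fromhex("06092a864886f70d010904")
OID_SIGNING_TIME = bytes.fromhex("06092a864886f70d010905")
OID_PKCS7_DATA = bytes.fromhex("06092a864886f70d010701")

# Constructed sample attributes (values are illustrative only).
CONTENT_TYPE = attribute(OID_CONTENT_TYPE, OID_PKCS7_DATA)
SIGNING_TIME = attribute(OID_SIGNING_TIME, der_tlv(0x17, b"150711144815Z"))
MESSAGE_DIGEST = attribute(
    OID_MESSAGE_DIGEST,
    der_tlv(0x04, hashlib.sha256(b"constructed sample content").digest()))

if __name__ == "__main__":
    stack_order = [MESSAGE_DIGEST, CONTENT_TYPE, SIGNING_TIME]
    print("DER order matches stack order:",
          is_der_ordered(set_of_received_order(stack_order)))
    print("signed digest:", signed_attrs_digest(stack_order))
```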

  *) Reimplement the OCSP ASN1 module using the new code.
     [Steve Henson]

  *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
     for its ASN1 operations. The old style function pointers still exist
     for now but they will eventually go away.
     [Steve Henson]

  *) Merge in replacement ASN1 code from the ASN1 branch. This almost
     completely replaces the old ASN1 functionality with a table driven
     encoder and decoder which interprets an ASN1_ITEM structure describing
     the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is
     largely maintained. Almost all of the old asn1_mac.h macro based ASN1
     has also been converted to the new form.
     [Steve Henson]

  *) Change BN_mod_exp_recp so that negative moduli are tolerated
     (the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set
     so that BN_mod_exp_mont and BN_mod_exp_mont_word work
     for negative moduli.
     [Bodo Moeller]

  *) Fix BN_uadd and BN_usub: Always return non-negative results instead
     of not touching the result's sign bit.
     [Bodo Moeller]

  *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
     set.
     [Bodo Moeller]

  *) Changed the LHASH code to use prototypes for callbacks, and created
     macros to declare and implement thin (optionally static) functions
     that provide type-safety and avoid function pointer casting for the
     type-specific callbacks.
     [Geoff Thorpe]

  *) Added Kerberos Cipher Suites to be used with TLS, as written in
     RFC 2712.
     [Veers Staats <staatsvr@asc.hpc.mil>,
      Jeffrey Altman <jaltman@columbia.edu>, via Richard Levitte]

  *) Reformat the FAQ so the different questions and answers can be divided
     in sections depending on the subject.
     [Richard Levitte]

  *) Have the zlib compression code load ZLIB.DLL dynamically under
     Windows.
     [Richard Levitte]

  *) New function BN_mod_sqrt for computing square roots modulo a prime
     (using the probabilistic Tonelli-Shanks algorithm unless
     p == 3 (mod 4) or p == 5 (mod 8), which are cases that can
     be handled deterministically).
     [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
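The case split this entry describes for BN_mod_sqrt, as an added example that is not OpenSSL's code: a stand-alone modular square root with the two deterministic cases (p == 3 mod 4 and p == 5 mod 8) and the Tonelli-Shanks fallback, whose only probabilistic step is the search for a quadratic non-residue. The function names and the test primes are this example's own choices.

```python
# Added example, not OpenSSL code: square roots modulo an odd prime p,
# following the case split described for BN_mod_sqrt.
import random


def legendre(a, p):
    """Euler's criterion: 1 if a is a non-zero square mod p, p-1 if it is a
    non-residue, 0 if a == 0 (mod p)."""
    return pow(a % p, (p - 1) // 2, p)


def mod_sqrt(a, p):
    """Return x with x*x == a (mod p), or None if a has no square root mod p.
    p must be an odd prime."""
    a %= p
    if a == 0:
        return 0
    if legendre(a, p) != 1:
        return None                              # no root exists

    if p % 4 == 3:
        # Deterministic: x = a^((p+1)/4)
        return pow(a, (p + 1) // 4, p)

    if p % 8 == 5:
        # Deterministic: x = a^((p+3)/8); if that misses, multiply by
        # 2^((p-1)/4), a square root of -1 mod p.
        x = pow(a, (p + 3) // 8, p)
        if x * x % p != a:
            x = x * pow(2, (p - 1) // 4, p) % p
        return x

    # General case (p == 1 mod 8): Tonelli-Shanks.  Write p-1 = q * 2^s, q odd.
    q, s = p - 1, 0
    while q % 2 == 0:
        q //= 2
        s += 1

    # Probabilistic step: find a quadratic non-residue z.  Each random trial
    # succeeds with probability 1/2, which is why the algorithm is
    # "probabilistic" even though the result is exact.
    z = 2
    while legendre(z, p) != p - 1:
        z = random.randrange(2, p)

    m = s
    c = pow(z, q, p)                             # generator of the 2-Sylow part
    t = pow(a, q, p)
    r = pow(a, (q + 1) // 2, p)                  # candidate root
    while t != 1:
        # Least i with t^(2^i) == 1; i < m is guaranteed for a residue.
        i, t2 = 0, t
        while t2 != 1:
            t2 = t2 * t2 % p
            i += 1
        b = pow(c, 1 << (m - i - 1), p)
        m = i
        c = b * b % p
        t = t * c % p
        r = r * b % p
    return r


def check_sqrt(a, p):
    """Convenience for self-tests: True if mod_sqrt(a, p) really squares to a."""
    x = mod_sqrt(a, p)
    return x is not None and x * x % p == a % p


if __name__ == "__main__":
    for a, p in ((3, 7), (3, 13), (8, 17), (4, 41), (4, 2**255 - 19)):
        print(f"sqrt({a}) mod {p}: {mod_sqrt(a, p)}")
```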

  *) Make BN_mod_inverse faster by explicitly handling small quotients
     in the Euclid loop. (Speed gain about 20% for small moduli [256 or
     512 bits], about 30% for larger ones [1024 or 2048 bits].)
     [Bodo Moeller]

  *) New function BN_kronecker.
     [Bodo Moeller]

  *) Fix BN_gcd so that it works on negative inputs; the result is
     positive unless both parameters are zero.
     Previously something reasonably close to an infinite loop was
     possible because numbers could be growing instead of shrinking
     in the implementation of Euclid's algorithm.
     [Bodo Moeller]

  *) Fix BN_is_word() and BN_is_one() macros to take into account the
     sign of the number in question.

     Fix BN_is_word(a,w) to work correctly for w == 0.

     The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w)
     because it tests if the absolute value of 'a' equals 'w'.
     Note that BN_abs_is_word does *not* handle w == 0 reliably;
     it exists mostly for use in the implementations of BN_is_zero(),
     BN_is_one(), and BN_is_word().
     [Bodo Moeller]

  *) New function BN_swap.
     [Bodo Moeller]

  *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that
     the exponentiation functions are more likely to produce reasonable
     results on negative inputs.
     [Bodo Moeller]

  *) Change BN_mod_mul so that the result is always non-negative.
     Previously, it could be negative if one of the factors was negative;
     I don't think anyone really wanted that behaviour.
     [Bodo Moeller]

  *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c
     (except for exponentiation, which stays in crypto/bn/bn_exp.c,
     and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c)
| 5748 | and a dd new fun ctions: | 2846 | and a dd new fun ctions: | |||
| 5749 | 2847 | |||||
| 5750 | BN_nnmod | 2848 | BN_nnmod | |||
| 5751 | BN_mod_sqr | 2849 | BN_mod_sqr | |||
| 5752 | BN_mod_add | 2850 | BN_mod_add | |||
| 5753 | BN_mod_add _quick | 2851 | BN_mod_add _quick | |||
| 5754 | BN_mod_sub | 2852 | BN_mod_sub | |||
| 5755 | BN_mod_sub _quick | 2853 | BN_mod_sub _quick | |||
| 5756 | BN_mod_lsh ift1 | 2854 | BN_mod_lsh ift1 | |||
| 5757 | BN_mod_lsh ift1_quick | 2855 | BN_mod_lsh ift1_quick | |||
| 5758 | BN_mod_lsh ift | 2856 | BN_mod_lsh ift | |||
| 5759 | BN_mod_lsh ift_quick | 2857 | BN_mod_lsh ift_quick | |||
| 5760 | 2858 | |||||
| 5761 | These functions always ge nerate non -negative results. | 2859 | These functions always ge nerate non -negative results. | |||
| 5762 | 2860 | |||||
| 5763 | BN_nn mod otherw ise is lik e BN_mod ( if BN_mod computes a remainder r | 2861 | BN_nn mod otherw ise is lik e BN_mod ( if BN_mod computes a remainder r | |||
| 5764 | such that |m| < r < 0, BN_nnmod w ill output rem + |m | instead ). | 2862 | such that |m| < r < 0, BN_nnmod w ill output rem + |m | instead ). | |||
| 5765 | 2863 | |||||
| 5766 | BN_mo d_XXX_quic k(r, a, [b ,] m) gene rates the same resul t as | 2864 | BN_mo d_XXX_quic k(r, a, [b ,] m) gene rates the same resul t as | |||
| 5767 | BN_mo d_XXX(r, a , [b,] m, ctx), but requires t hat a [a nd b] | 2865 | BN_mo d_XXX(r, a , [b,] m, ctx), but requires t hat a [a nd b] | |||
| 5768 | be re duced modu lo m. | 2866 | be re duced modu lo m. | |||
| 5769 | [Lenk a Fibikova <fibikova @exp-math. uni-essen. de>, Bodo Moeller] | 2867 | [Lenk a Fibikova <fibikova @exp-math. uni-essen. de>, Bodo Moeller] | |||
| 5770 | 2868 | |||||
| 5771 | #if 0 | 2869 | #if 0 | |||
| 5772 | The f ollowing e ntry accid entily app eared in t he CHANGES file | 2870 | The f ollowing e ntry accid entily app eared in t he CHANGES file | |||
| 5773 | distr ibuted wit h OpenSSL 0.9.7. Th e modifica tions desc ribed in | 2871 | distr ibuted wit h OpenSSL 0.9.7. Th e modifica tions desc ribed in | |||
| 5774 | it do *not* app ly to Open SSL 0.9.7. | 2872 | it do *not* app ly to Open SSL 0.9.7. | |||
| 5775 | 2873 | |||||
| 5776 | *) Remov e a few ca lls to bn_ wexpand() in BN_sqr( ) (the one in there | 2874 | *) Remov e a few ca lls to bn_ wexpand() in BN_sqr( ) (the one in there | |||
| 5777 | was a ctually ne ver needed ) and in B N_mul(). The remova l in BN_mu l() | 2875 | was a ctually ne ver needed ) and in B N_mul(). The remova l in BN_mu l() | |||
| 5778 | requi red a smal l change i n bn_mul_p art_recurs ive() and the additi on | 2876 | requi red a smal l change i n bn_mul_p art_recurs ive() and the additi on | |||
| 5779 | of th e function s bn_cmp_p art_words( ), bn_sub_ part_words () and | 2877 | of th e function s bn_cmp_p art_words( ), bn_sub_ part_words () and | |||
| 5780 | bn_ad d_part_wor ds(), whic h do the s ame thing as bn_cmp_ words(), | 2878 | bn_ad d_part_wor ds(), whic h do the s ame thing as bn_cmp_ words(), | |||
| 5781 | bn_su b_words() and bn_add _words() e xcept they take arra ys with | 2879 | bn_su b_words() and bn_add _words() e xcept they take arra ys with | |||
| 5782 | diffe ring sizes . | 2880 | diffe ring sizes . | |||
| 5783 | [Rich ard Levitt e] | 2881 | [Rich ard Levitt e] | |||
| 5784 | #endif | 2882 | #endif | |||
| 5785 | 2883 | |||||
| 5786 | *) In 'o penssl pas swd', veri fy passwor ds read fr om the ter minal | 2884 | *) In 'o penssl pas swd', veri fy passwor ds read fr om the ter minal | |||
| 5787 | unles s the '-sa lt' option is used ( which usua lly means that | 2885 | unles s the '-sa lt' option is used ( which usua lly means that | |||
| 5788 | verif ication wo uld just w aste user' s time sin ce the res ulting | 2886 | verif ication wo uld just w aste user' s time sin ce the res ulting | |||
| 5789 | hash is going t o be compa red with s ome given password h ash) | 2887 | hash is going t o be compa red with s ome given password h ash) | |||
| 5790 | or th e new '-no verify' op tion is us ed. | 2888 | or th e new '-no verify' op tion is us ed. | |||
| 5791 | 2889 | |||||
| 5792 | This is an inco mpatible c hange, but it does n ot affect | 2890 | This is an inco mpatible c hange, but it does n ot affect | |||
| 5793 | non-i nteractive use of 'o penssl pas swd' (pass words on t he command | 2891 | non-i nteractive use of 'o penssl pas swd' (pass words on t he command | |||
| 5794 | line, '-stdin' option, '- in ...' op tion) and thus shoul d not | 2892 | line, '-stdin' option, '- in ...' op tion) and thus shoul d not | |||
| 5795 | cause any probl ems. | 2893 | cause any probl ems. | |||
| 5796 | [Bodo Moeller] | 2894 | [Bodo Moeller] | |||
| 5797 | 2895 | |||||
| 5798 | *) Remov e all refe rences to RSAref, si nce there' s no more need for i t. | 2896 | *) Remov e all refe rences to RSAref, si nce there' s no more need for i t. | |||
| 5799 | [Rich ard Levitt e] | 2897 | [Rich ard Levitt e] | |||
| 5800 | 2898 | |||||
| 5801 | *) Make DSO load a long a pat h given th rough an e nvironment variable | 2899 | *) Make DSO load a long a pat h given th rough an e nvironment variable | |||
| 5802 | (SHLI B_PATH) wi th shl_loa d(). | 2900 | (SHLI B_PATH) wi th shl_loa d(). | |||
| 5803 | [Rich ard Levitt e] | 2901 | [Rich ard Levitt e] | |||
| 5804 | 2902 | |||||
| 5805 | *) Const ify the EN GINE code as a resul t of BIGNU M constifi cation. | 2903 | *) Const ify the EN GINE code as a resul t of BIGNU M constifi cation. | |||
| 5806 | Also constify t he RSA cod e and most things re lated to i t. In a | 2904 | Also constify t he RSA cod e and most things re lated to i t. In a | |||
| 5807 | few p laces, mos t notable in the dep th of the ASN.1 code , ugly | 2905 | few p laces, mos t notable in the dep th of the ASN.1 code , ugly | |||
| 5808 | casts back to n on-const w ere requir ed (to be solved at a later | 2906 | casts back to n on-const w ere requir ed (to be solved at a later | |||
| 5809 | time) | 2907 | time) | |||
| 5810 | [Rich ard Levitt e] | 2908 | [Rich ard Levitt e] | |||
| 5811 | 2909 | |||||
| 5812 | *) Make it so the openssl ap plication has all en gines load ed by defa ult. | 2910 | *) Make it so the openssl ap plication has all en gines load ed by defa ult. | |||
| 5813 | [Rich ard Levitt e] | 2911 | [Rich ard Levitt e] | |||
| 5814 | 2912 | |||||
| 5815 | *) Const ify the BI GNUM routi nes a litt le more. | 2913 | *) Const ify the BI GNUM routi nes a litt le more. | |||
| 5816 | [Rich ard Levitt e] | 2914 | [Rich ard Levitt e] | |||
| 5817 | 2915 | |||||
| 5818 | *) Add t he followi ng functio ns: | 2916 | *) Add t he followi ng functio ns: | |||
| 5819 | 2917 | |||||
| 5820 | EN GINE_load_ cswift() | 2918 | EN GINE_load_ cswift() | |||
| 5821 | EN GINE_load_ chil() | 2919 | EN GINE_load_ chil() | |||
| 5822 | EN GINE_load_ atalla() | 2920 | EN GINE_load_ atalla() | |||
| 5823 | EN GINE_load_ nuron() | 2921 | EN GINE_load_ nuron() | |||
| 5824 | EN GINE_load_ builtin_en gines() | 2922 | EN GINE_load_ builtin_en gines() | |||
| 5825 | 2923 | |||||
| 5826 | That way, an ap plication can itself choose if external engines th at | 2924 | That way, an ap plication can itself choose if external engines th at | |||
| 5827 | are b uilt-in in OpenSSL s hall ever be used or not. The benefit i s | 2925 | are b uilt-in in OpenSSL s hall ever be used or not. The benefit i s | |||
| 5828 | that applicatio ns won't h ave to be linked wit h libdl or other dso | 2926 | that applicatio ns won't h ave to be linked wit h libdl or other dso | |||
| 5829 | libra ries unles s it's rea lly needed . | 2927 | libra ries unles s it's rea lly needed . | |||
| 5830 | 2928 | |||||
| 5831 | Chang ed 'openss l engine' to load al l engines on demand. | 2929 | Chang ed 'openss l engine' to load al l engines on demand. | |||
| 5832 | Chang ed the eng ine header files to avoid the duplicatio n of some | 2930 | Chang ed the eng ine header files to avoid the duplicatio n of some | |||
| 5833 | decla rations (t hey differ ed!). | 2931 | decla rations (t hey differ ed!). | |||
| 5834 | [Rich ard Levitt e] | 2932 | [Rich ard Levitt e] | |||
| 5835 | 2933 | |||||
| 5836 | *) 'open ssl engine ' can now list capab ilities. | 2934 | *) 'open ssl engine ' can now list capab ilities. | |||
| 5837 | [Rich ard Levitt e] | 2935 | [Rich ard Levitt e] | |||
| 5838 | 2936 | |||||
| 5839 | *) Bette r error re porting in 'openssl engine'. | 2937 | *) Bette r error re porting in 'openssl engine'. | |||
| 5840 | [Rich ard Levitt e] | 2938 | [Rich ard Levitt e] | |||
| 5841 | 2939 | |||||
| 5842 | *) Never call load _dh_param( NULL) in s _server. | 2940 | *) Never call load _dh_param( NULL) in s _server. | |||
| 5843 | [Bodo Moeller] | 2941 | [Bodo Moeller] | |||
| 5844 | 2942 | |||||
| 5845 | *) Add e ngine appl ication. It can cur rently lis t engines by name an d | 2943 | *) Add e ngine appl ication. It can cur rently lis t engines by name an d | |||
| 5846 | ident ity, and t est if the y are actu ally avail able. | 2944 | ident ity, and t est if the y are actu ally avail able. | |||
| 5847 | [Rich ard Levitt e] | 2945 | [Rich ard Levitt e] | |||
| 5848 | 2946 | |||||
| 5849 | *) Impro ve RPM spe cification file by f orcing sym bolic link ing and ma king | 2947 | *) Impro ve RPM spe cification file by f orcing sym bolic link ing and ma king | |||
| 5850 | sure the instal led docume ntation is also owne d by root. root. | 2948 | sure the instal led docume ntation is also owne d by root. root. | |||
| 5851 | [Dami en Miller <djm@mindr ot.org>] | 2949 | [Dami en Miller <djm@mindr ot.org>] | |||
| 5852 | 2950 | |||||
| 5853 | *) Give the OpenSS L applicat ions more possibilit ies to mak e use of | 2951 | *) Give the OpenSS L applicat ions more possibilit ies to mak e use of | |||
| 5854 | keys (public as well as p rivate) ha ndled by e ngines. | 2952 | keys (public as well as p rivate) ha ndled by e ngines. | |||
| 5855 | [Rich ard Levitt e] | 2953 | [Rich ard Levitt e] | |||
| 5856 | 2954 | |||||
| 5857 | *) Add O CSP code t hat comes from CertC o. | 2955 | *) Add O CSP code t hat comes from CertC o. | |||
| 5858 | [Rich ard Levitt e] | 2956 | [Rich ard Levitt e] | |||
| 5859 | 2957 | |||||
| 5860 | *) Add V MS support for the R ijndael co de. | 2958 | *) Add V MS support for the R ijndael co de. | |||
| 5861 | [Rich ard Levitt e] | 2959 | [Rich ard Levitt e] | |||
| 5862 | 2960 | |||||
| 5863 | *) Added untested support fo r Nuron cr ypto accel erator. | 2961 | *) Added untested support fo r Nuron cr ypto accel erator. | |||
| 5864 | [Ben Laurie] | 2962 | [Ben Laurie] | |||
| 5865 | 2963 | |||||
| 5866 | *) Add s upport for external cryptograp hic device s. This c ode was | 2964 | *) Add s upport for external cryptograp hic device s. This c ode was | |||
| 5867 | previ ously dist ributed se parately a s the "eng ine" branc h. | 2965 | previ ously dist ributed se parately a s the "eng ine" branc h. | |||
| 5868 | [Geof f Thorpe, Richard Le vitte] | 2966 | [Geof f Thorpe, Richard Le vitte] | |||
| 5869 | 2967 | |||||
| 5870 | *) Rewor k the file name-trans lation in the DSO co de. It is now possib le to | 2968 | *) Rewor k the file name-trans lation in the DSO co de. It is now possib le to | |||
| 5871 | have far greate r control over how a "name" is turned in to a filen ame | 2969 | have far greate r control over how a "name" is turned in to a filen ame | |||
| 5872 | depen ding on th e operatin g environm ent and an y oddities about the | 2970 | depen ding on th e operatin g environm ent and an y oddities about the | |||
| 5873 | diffe rent share d library filenames on each sy stem. | 2971 | diffe rent share d library filenames on each sy stem. | |||
| 5874 | [Geof f Thorpe] | 2972 | [Geof f Thorpe] | |||
| 5875 | 2973 | |||||
| 5876 | *) Suppo rt threads on FreeBS D-elf in C onfigure. | 2974 | *) Suppo rt threads on FreeBS D-elf in C onfigure. | |||
| 5877 | [Rich ard Levitt e] | 2975 | [Rich ard Levitt e] | |||
| 5878 | 2976 | |||||
| 5879 | *) Fix f or SHA1 as sembly pro blem with MASM: it p roduces | 2977 | *) Fix f or SHA1 as sembly pro blem with MASM: it p roduces | |||
| 5880 | warni ngs about corrupt li ne number informatio n when ass embling | 2978 | warni ngs about corrupt li ne number informatio n when ass embling | |||
| 5881 | with debugging informatio n. This is caused by the overl apping | 2979 | with debugging informatio n. This is caused by the overl apping | |||
| 5882 | of tw o sections . | 2980 | of tw o sections . | |||
| 5883 | [Bern d Matthes <mainbug@c elocom.de> , Steve He nson] | 2981 | [Bern d Matthes <mainbug@c elocom.de> , Steve He nson] | |||
| 5884 | 2982 | |||||
| 5885 | *) NCONF changes. | 2983 | *) NCONF changes. | |||
| 5886 | NCONF _get_numbe r() has no error che cking at a ll. As a replacemen t, | 2984 | NCONF _get_numbe r() has no error che cking at a ll. As a replacemen t, | |||
| 5887 | NCONF _get_numbe r_e() is d efined (_e for "erro r checking ") and is | 2985 | NCONF _get_numbe r_e() is d efined (_e for "erro r checking ") and is | |||
| 5888 | promo ted strong ly. The o ld NCONF_g et_number is kept ar ound for | 2986 | promo ted strong ly. The o ld NCONF_g et_number is kept ar ound for | |||
| 5889 | binar y backward compatibi lity. | 2987 | binar y backward compatibi lity. | |||
| 5890 | Make it possibl e for meth ods to loa d from som ething oth er than a BIO, | 2988 | Make it possibl e for meth ods to loa d from som ething oth er than a BIO, | |||
| 5891 | by pr oviding a function p ointer tha t is given a name in stead of a BIO. | 2989 | by pr oviding a function p ointer tha t is given a name in stead of a BIO. | |||
| 5892 | For e xample, th is could b e used to load confi guration d ata from a n | 2990 | For e xample, th is could b e used to load confi guration d ata from a n | |||
| 5893 | LDAP server. | 2991 | LDAP server. | |||
| 5894 | [Rich ard Levitt e] | 2992 | [Rich ard Levitt e] | |||
| 5895 | 2993 | |||||
| 5896 | *) Fix f or non blo cking acce pt BIOs. A dded new I /O special reason | 2994 | *) Fix f or non blo cking acce pt BIOs. A dded new I /O special reason | |||
| 5897 | BIO_R R_ACCEPT t o cover th is case. P reviously use of acc ept BIOs | 2995 | BIO_R R_ACCEPT t o cover th is case. P reviously use of acc ept BIOs | |||
| 5898 | with non blocki ng I/O was not possi ble becaus e no retry code was | 2996 | with non blocki ng I/O was not possi ble becaus e no retry code was | |||
| 5899 | imple mented. Al so added n ew SSL cod e SSL_WANT _ACCEPT to cover | 2997 | imple mented. Al so added n ew SSL cod e SSL_WANT _ACCEPT to cover | |||
| 5900 | this case. | 2998 | this case. | |||
| 5901 | [Stev e Henson] | 2999 | [Stev e Henson] | |||
| 5902 | 3000 | |||||
| 5903 | *) Added the begin nings of R ijndael su pport. | 3001 | *) Added the begin nings of R ijndael su pport. | |||
| 5904 | [Ben Laurie] | 3002 | [Ben Laurie] | |||
| 5905 | 3003 | |||||
| 5906 | *) Fix f or bug in DirectoryS tring mask setting. Add suppor t for | 3004 | *) Fix f or bug in DirectoryS tring mask setting. Add suppor t for | |||
| 5907 | X509_ NAME_print _ex() in ' req' and X 509_print_ ex() funct ion | 3005 | X509_ NAME_print _ex() in ' req' and X 509_print_ ex() funct ion | |||
| 5908 | to al low certif icate prin ting to mo re control lable, add itional | 3006 | to al low certif icate prin ting to mo re control lable, add itional | |||
| 5909 | 'cert opt' optio n to 'x509 ' to allow new print ing option s to be | 3007 | 'cert opt' optio n to 'x509 ' to allow new print ing option s to be | |||
| 5910 | set. | 3008 | set. | |||
| 5911 | [Stev e Henson] | 3009 | [Stev e Henson] | |||
| 5912 | 3010 | |||||
| 5913 | *) Clean old EAY M D5 hack fr om e_os.h. | 3011 | *) Clean old EAY M D5 hack fr om e_os.h. | |||
| 5914 | [Rich ard Levitt e] | 3012 | [Rich ard Levitt e] | |||
| 5915 | 3013 | |||||
| 5916 | Changes b etween 0.9 .6l and 0. 9.6m [17 Mar 2004] | 3014 | Changes b etween 0.9 .6l and 0. 9.6m [17 Mar 2004] | |||
| 5917 | 3015 | |||||
| 5918 | *) Fix n ull-pointe r assignme nt in do_c hange_ciph er_spec() revealed | 3016 | *) Fix n ull-pointe r assignme nt in do_c hange_ciph er_spec() revealed | |||
| 5919 | by us ing the Co denomicon TLS Test T ool (CVE-2 004-0079) | 3017 | by us ing the Co denomicon TLS Test T ool (CAN-2 004-0079) | |||
| 5920 | [Joe Orton, Ste ve Henson] | 3018 | [Joe Orton, Ste ve Henson] | |||
| 5921 | 3019 | |||||
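Review bot: The only difference in this region is the identifier prefix on the do_change_cipher_spec() line, "CVE-2004-0079" in File 1 against "CAN-2004-0079" in File 2; the number and the rest of the entry are identical. "CAN-" was MITRE's candidate-status prefix, retired in October 2005 when all candidates were renamed to "CVE-", so File 2 simply carries the pre-rename form. The File 1 spelling is the one to keep when the two CHANGES files are merged, since "CVE-2004-0079" is the name advisories and scanners resolve today.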
| 5922 | Changes b etween 0.9 .6k and 0. 9.6l [04 Nov 2003] | 3020 | Changes b etween 0.9 .6k and 0. 9.6l [04 Nov 2003] | |||
| 5923 | 3021 | |||||
| 5924 | *) Fix a dditional bug reveal ed by the NISCC test suite: | 3022 | *) Fix a dditional bug reveal ed by the NISCC test suite: | |||
| 5925 | 3023 | |||||
| 5926 | Stop bug trigge ring large recursion when pres ented with | 3024 | Stop bug trigge ring large recursion when pres ented with | |||
| 5927 | certa in ASN.1 t ags (CVE-2 003-0851) | 3025 | certa in ASN.1 t ags (CAN-2 003-0851) | |||
| 5928 | [Stev e Henson] | 3026 | [Stev e Henson] | |||
| 5929 | 3027 | |||||
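Review bot: Same CAN- to CVE- rename on the ASN.1 recursion line ("CVE-2003-0851" against "CAN-2003-0851"); the fix description is otherwise byte-identical in both columns, so a comparison that normalises the prefix before diffing would report this region as unchanged. Nothing here needs to be carried from File 2.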
| 5930 | Changes b etween 0.9 .6j and 0. 9.6k [30 Sep 2003] | 3028 | Changes b etween 0.9 .6j and 0. 9.6k [30 Sep 2003] | |||
| 5931 | 3029 | |||||
| 5932 | *) Fix v arious bug s revealed by runnin g the NISC C test sui te: | 3030 | *) Fix v arious bug s revealed by runnin g the NISC C test sui te: | |||
| 5933 | 3031 | |||||
| 5934 | Stop out of bou nds reads in the ASN 1 code whe n presente d with | 3032 | Stop out of bou nds reads in the ASN 1 code whe n presente d with | |||
| 5935 | inval id tags (C VE-2003-05 43 and CVE -2003-0544 ). | 3033 | inval id tags (C AN-2003-05 43 and CAN -2003-0544 ). | |||
| 5936 | 3034 | |||||
| 5937 | If ve rify callb ack ignore s invalid public key errors do n't try to check | 3035 | If ve rify callb ack ignore s invalid public key errors do n't try to check | |||
| 5938 | certi ficate sig nature wit h the NULL public ke y. | 3036 | certi ficate sig nature wit h the NULL public ke y. | |||
| 5939 | 3037 | |||||
| 5940 | [Stev e Henson] | 3038 | [Stev e Henson] | |||
| 5941 | 3039 | |||||
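Review bot: Two identifiers change prefix on one line here ("CVE-2003-0543 and CVE-2003-0544" against "CAN-2003-0543 and CAN-2003-0544"), both still the out-of-bounds ASN.1 tag reads from the NISCC suite; take the File 1 form for both. The second paragraph of the entry (do not check the certificate signature with a NULL public key when the verify callback ignores invalid-key errors) has no identifier in either column, so it is unaffected by the rename.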
| 5942 | *) In ss l3_accept( ) (ssl/s3_ srvr.c) on ly accept a client c ertificate | 3040 | *) In ss l3_accept( ) (ssl/s3_ srvr.c) on ly accept a client c ertificate | |||
| 5943 | if th e server r equested o ne: as sta ted in TLS 1.0 and S SL 3.0 | 3041 | if th e server r equested o ne: as sta ted in TLS 1.0 and S SL 3.0 | |||
| 5944 | speci fications. | 3042 | speci fications. | |||
| 5945 | [Stev e Henson] | 3043 | [Stev e Henson] | |||
| 5946 | 3044 | |||||
| 5947 | *) In ss l3_get_cli ent_hello( ) (ssl/s3_ srvr.c), t olerate ad ditional | 3045 | *) In ss l3_get_cli ent_hello( ) (ssl/s3_ srvr.c), t olerate ad ditional | |||
| 5948 | extra data afte r the comp ression me thods not only for T LS 1.0 | 3046 | extra data afte r the comp ression me thods not only for T LS 1.0 | |||
| 5949 | but a lso for SS L 3.0 (as required b y the spec ification) . | 3047 | but a lso for SS L 3.0 (as required b y the spec ification) . | |||
| 5950 | [Bodo Moeller; problem po inted out by Matthia s Loepfe] | 3048 | [Bodo Moeller; problem po inted out by Matthia s Loepfe] | |||
| 5951 | 3049 | |||||
| 5952 | *) Chang e X509_cer tificate_t ype() to m ark the ke y as expor ted/export able | 3050 | *) Chang e X509_cer tificate_t ype() to m ark the ke y as expor ted/export able | |||
| 5953 | when it's 512 * bits* long , not 512 bytes. | 3051 | when it's 512 * bits* long , not 512 bytes. | |||
| 5954 | [Rich ard Levitt e] | 3052 | [Rich ard Levitt e] | |||
| 5955 | 3053 | |||||
| 5956 | Changes b etween 0.9 .6i and 0. 9.6j [10 Apr 2003] | 3054 | Changes b etween 0.9 .6i and 0. 9.6j [10 Apr 2003] | |||
| 5957 | 3055 | |||||
| 5958 | *) Count ermeasure against th e Klima-Po korny-Rosa extension of | 3056 | *) Count ermeasure against th e Klima-Po korny-Rosa extension of | |||
| 5959 | Bleic hbacher's attack on PKCS #1 v1 .5 padding : treat | 3057 | Bleic hbacher's attack on PKCS #1 v1 .5 padding : treat | |||
| 5960 | a pro tocol vers ion number mismatch like a dec ryption er ror | 3058 | a pro tocol vers ion number mismatch like a dec ryption er ror | |||
| 5961 | in ss l3_get_cli ent_key_ex change (ss l/s3_srvr. c). | 3059 | in ss l3_get_cli ent_key_ex change (ss l/s3_srvr. c). | |||
| 5962 | [Bodo Moeller] | 3060 | [Bodo Moeller] | |||
| 5963 | 3061 | |||||
| 5964 | *) Turn on RSA bli nding by d efault in the defaul t implemen tation | 3062 | *) Turn on RSA bli nding by d efault in the defaul t implemen tation | |||
| 5965 | to av oid a timi ng attack. Applicati ons that d on't want it can cal l | 3063 | to av oid a timi ng attack. Applicati ons that d on't want it can cal l | |||
| 5966 | RSA_b linding_of f() or use the new f lag RSA_FL AG_NO_BLIN DING. | 3064 | RSA_b linding_of f() or use the new f lag RSA_FL AG_NO_BLIN DING. | |||
| 5967 | They would be i ll-advised to do so in most ca ses. | 3065 | They would be i ll-advised to do so in most ca ses. | |||
| 5968 | [Ben Laurie, St eve Henson , Geoff Th orpe, Bodo Moeller] | 3066 | [Ben Laurie, St eve Henson , Geoff Th orpe, Bodo Moeller] | |||
| 5969 | 3067 | |||||
| 5970 | *) Chang e RSA blin ding code so that it works whe n the PRNG is not | 3068 | *) Chang e RSA blin ding code so that it works whe n the PRNG is not | |||
| 5971 | seede d (in this case, the secret RS A exponent is abused as | 3069 | seede d (in this case, the secret RS A exponent is abused as | |||
| 5972 | an un predictabl e seed -- if it is n ot unpredi ctable, th ere | 3070 | an un predictabl e seed -- if it is n ot unpredi ctable, th ere | |||
| 5973 | is no point in blinding a nyway). M ake RSA bl inding thr ead-safe | 3071 | is no point in blinding a nyway). M ake RSA bl inding thr ead-safe | |||
| 5974 | by re membering the creato r's thread ID in rsa ->blinding and | 3072 | by re membering the creato r's thread ID in rsa ->blinding and | |||
| 5975 | havin g all othe r threads use local one-time b linding fa ctors | 3073 | havin g all othe r threads use local one-time b linding fa ctors | |||
| 5976 | (this requires more compu tation tha n sharing rsa->blind ing, but | 3074 | (this requires more compu tation tha n sharing rsa->blind ing, but | |||
| 5977 | avoid s excessiv e locking; and if an RSA objec t is not s hared | 3075 | avoid s excessiv e locking; and if an RSA objec t is not s hared | |||
| 5978 | betwe en threads , blinding will stil l be very fast). | 3076 | betwe en threads , blinding will stil l be very fast). | |||
| 5979 | [Bodo Moeller] | 3077 | [Bodo Moeller] | |||
| 5980 | 3078 | |||||
| 5981 | Changes b etween 0.9 .6h and 0. 9.6i [19 Feb 2003] | 3079 | Changes b etween 0.9 .6h and 0. 9.6i [19 Feb 2003] | |||
| 5982 | 3080 | |||||
| 5983 | *) In ss l3_get_rec ord (ssl/s 3_pkt.c), minimize i nformation leaked | 3081 | *) In ss l3_get_rec ord (ssl/s 3_pkt.c), minimize i nformation leaked | |||
| 5984 | via t iming by p erforming a MAC comp utation ev en if inco rrrect | 3082 | via t iming by p erforming a MAC comp utation ev en if inco rrrect | |||
| 5985 | block cipher pa dding has been found . This is a counter measure | 3083 | block cipher pa dding has been found . This is a counter measure | |||
| 5986 | again st active attacks wh ere the at tacker has to distin guish | 3084 | again st active attacks wh ere the at tacker has to distin guish | |||
| 5987 | betwe en bad pad ding and a MAC verif ication er ror. (CVE- 2003-0078) | 3085 | betwe en bad pad ding and a MAC verif ication er ror. (CAN- 2003-0078) | |||
| 5988 | 3086 | |||||
| 5989 | [Bodo Moeller; problem po inted out by Brice C anvel (EPF L), | 3087 | [Bodo Moeller; problem po inted out by Brice C anvel (EPF L), | |||
| 5990 | Alain Hiltgen ( UBS), Serg e Vaudenay (EPFL), a nd | 3088 | Alain Hiltgen ( UBS), Serg e Vaudenay (EPFL), a nd | |||
| 5991 | Marti n Vuagnoux (EPFL, Il ion)] | 3089 | Marti n Vuagnoux (EPFL, Il ion)] | |||
| 5992 | 3090 | |||||
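Review bot: The padding-oracle timing countermeasure entry differs only in "(CVE-2003-0078)" against "(CAN-2003-0078)"; the description of the countermeasure (compute the MAC even when the block cipher padding is bad) and the attribution lines are identical in both columns. With this region the section's four changed lines are all the same mechanical prefix rename, and none of the surrounding entries differs between the files.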
| 5993 | Changes b etween 0.9 .6g and 0. 9.6h [5 D ec 2002] | 3091 | Changes b etween 0.9 .6g and 0. 9.6h [5 D ec 2002] | |||
| 5994 | 3092 | |||||
| 5995 | *) New f unction OP ENSSL_clea nse(), whi ch is used to cleans e a sectio n of | 3093 | *) New f unction OP ENSSL_clea nse(), whi ch is used to cleans e a sectio n of | |||
| 5996 | memor y from it' s contents . This is done with a counter that will | 3094 | memor y from it' s contents . This is done with a counter that will | |||
| 5997 | place alternati ng values in each by te. This can be use d to solve | 3095 | place alternati ng values in each by te. This can be use d to solve | |||
| 5998 | two i ssues: 1) the remova l of calls to memset () by high ly optimiz ing | 3096 | two i ssues: 1) the remova l of calls to memset () by high ly optimiz ing | |||
| 5999 | compi lers, and 2) cleansi ng with ot her values than 0, s ince those can | 3097 | compi lers, and 2) cleansi ng with ot her values than 0, s ince those can | |||
| 6000 | be re ad through on certai n media, f or example a swap sp ace on dis k. | 3098 | be re ad through on certai n media, f or example a swap sp ace on dis k. | |||
| 6001 | [Geof f Thorpe] | 3099 | [Geof f Thorpe] | |||
| 6002 | 3100 | |||||
| 6003 | *) Bugfi x: client side sessi on caching did not w ork with e xternal ca ching, | 3101 | *) Bugfi x: client side sessi on caching did not w ork with e xternal ca ching, | |||
| 6004 | becau se the ses sion->ciph er setting was not r estored wh en reloadi ng | 3102 | becau se the ses sion->ciph er setting was not r estored wh en reloadi ng | |||
| 6005 | from the extern al cache. This probl em was mas ked, when | 3103 | from the extern al cache. This probl em was mas ked, when | |||
| 6006 | SSL_O P_NETSCAPE _REUSE_CIP HER_CHANGE _BUG (part of SSL_OP _ALL) was set. | 3104 | SSL_O P_NETSCAPE _REUSE_CIP HER_CHANGE _BUG (part of SSL_OP _ALL) was set. | |||
| 6007 | (Foun d by Steve Haslam <s teve@araqn id.ddts.ne t>.) | 3105 | (Foun d by Steve Haslam <s teve@araqn id.ddts.ne t>.) | |||
| 6008 | [Lutz Jaenicke] | 3106 | [Lutz Jaenicke] | |||
| 6009 | 3107 | |||||
| 6010 | *) Fix c lient_cert ificate (s sl/s2_clnt .c): The p ermissible total | 3108 | *) Fix c lient_cert ificate (s sl/s2_clnt .c): The p ermissible total | |||
| 6011 | lengt h of the R EQUEST-CER TIFICATE m essage is 18 .. 34, not 17 .. 33. | 3109 | lengt h of the R EQUEST-CER TIFICATE m essage is 18 .. 34, not 17 .. 33. | |||
| 6012 | [Zeev Lieber <z eev-l@yaho o.com>] | 3110 | [Zeev Lieber <z eev-l@yaho o.com>] | |||
| 6013 | 3111 | |||||
| 6014 | *) Undo an undocum ented chan ge introdu ced in 0.9 .6e which caused | 3112 | *) Undo an undocum ented chan ge introdu ced in 0.9 .6e which caused | |||
| 6015 | repea ted calls to OpenSSL _add_all_c iphers() a nd | 3113 | repea ted calls to OpenSSL _add_all_c iphers() a nd | |||
| 6016 | OpenS SL_add_all _digests() to be ign ored, even after cal ling | 3114 | OpenS SL_add_all _digests() to be ign ored, even after cal ling | |||
| 6017 | EVP_c leanup(). | 3115 | EVP_c leanup(). | |||
| 6018 | [Rich ard Levitt e] | 3116 | [Rich ard Levitt e] | |||
| 6019 | 3117 | |||||
| 6020 | *) Chang e the defa ult config uration re ader to de al with la st line no t | 3118 | *) Chang e the defa ult config uration re ader to de al with la st line no t | |||
| 6021 | being properly terminated . | 3119 | being properly terminated . | |||
| 6022 | [Rich ard Levitt e] | 3120 | [Rich ard Levitt e] | |||
| 6023 | 3121 | |||||
| 6024 | *) Chang e X509_NAM E_cmp() so it applie s the spec ial rules on handlin g | 3122 | *) Chang e X509_NAM E_cmp() so it applie s the spec ial rules on handlin g | |||
| 6025 | DN va lues that are of typ e Printabl eString, a s well as RDNs of ty pe | 3123 | DN va lues that are of typ e Printabl eString, a s well as RDNs of ty pe | |||
| 6026 | emailAddress where the value has the type ia5String. | 3124 | emailAddress where the value has the type ia5String. |
| 6027 | [stefank@valicert.com via Richard Levitte] | 3125 | [stefank@valicert.com via Richard Levitte] |
| 6028 | | 3126 | |
| 6029 | *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half | 3127 | *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half |
| 6030 | the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently | 3128 | the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently |
| 6031 | doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be | 3129 | doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be |
| 6032 | the bitwise-OR of the two for use by the majority of applications | 3130 | the bitwise-OR of the two for use by the majority of applications |
| 6033 | wanting this behaviour, and update the docs. The documented | 3131 | wanting this behaviour, and update the docs. The documented |
| 6034 | behaviour and actual behaviour were inconsistent and had been | 3132 | behaviour and actual behaviour were inconsistent and had been |
| 6035 | changing anyway, so this is more a bug-fix than a behavioural | 3133 | changing anyway, so this is more a bug-fix than a behavioural |
| 6036 | change. | 3134 | change. |
| 6037 | [Geoff Thorpe, diagnosed by Nadav Har'El] | 3135 | [Geoff Thorpe, diagnosed by Nadav Har'El] |
| 6038 | | 3136 | |
| 6039 | *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c | 3137 | *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c |
| 6040 | (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes). | 3138 | (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes). |
| 6041 | [Bodo Moeller] | 3139 | [Bodo Moeller] |
| 6042 | | 3140 | |
| 6043 | *) Fix initialization code race conditions in | 3141 | *) Fix initialization code race conditions in |
| 6044 | SSLv23_method(), SSLv23_client_method(), SSLv23_server_method(), | 3142 | SSLv23_method(), SSLv23_client_method(), SSLv23_server_method(), |
| 6045 | SSLv2_method(), SSLv2_client_method(), SSLv2_server_method(), | 3143 | SSLv2_method(), SSLv2_client_method(), SSLv2_server_method(), |
| 6046 | SSLv3_method(), SSLv3_client_method(), SSLv3_server_method(), | 3144 | SSLv3_method(), SSLv3_client_method(), SSLv3_server_method(), |
| 6047 | TLSv1_method(), TLSv1_client_method(), TLSv1_server_method(), | 3145 | TLSv1_method(), TLSv1_client_method(), TLSv1_server_method(), |
| 6048 | ssl2_get_cipher_by_char(), | 3146 | ssl2_get_cipher_by_char(), |
| 6049 | ssl3_get_cipher_by_char(). | 3147 | ssl3_get_cipher_by_char(). |
| 6050 | [Patrick McCormick <patrick@tellme.com>, Bodo Moeller] | 3148 | [Patrick McCormick <patrick@tellme.com>, Bodo Moeller] |
| 6051 | | 3149 | |
| 6052 | *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after | 3150 | *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after |
| 6053 | the cached sessions are flushed, as the remove_cb() might use ex_data | 3151 | the cached sessions are flushed, as the remove_cb() might use ex_data |
| 6054 | contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com> | 3152 | contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com> |
| 6055 | (see [openssl.org #212]). | 3153 | (see [openssl.org #212]). |
| 6056 | [Geoff Thorpe, Lutz Jaenicke] | 3154 | [Geoff Thorpe, Lutz Jaenicke] |
| 6057 | | 3155 | |
| 6058 | *) Fix typo in OBJ_txt2obj which incorrectly passed the content | 3156 | *) Fix typo in OBJ_txt2obj which incorrectly passed the content |
| 6059 | length, instead of the encoding length to d2i_ASN1_OBJECT. | 3157 | length, instead of the encoding length to d2i_ASN1_OBJECT. |
| 6060 | [Steve Henson] | 3158 | [Steve Henson] |
| 6061 | | 3159 | |
| 6062 | Changes between 0.9.6f and 0.9.6g [9 Aug 2002] | 3160 | Changes between 0.9.6f and 0.9.6g [9 Aug 2002] |
| 6063 | | 3161 | |
| 6064 | *) [In 0.9.6g-engine release:] | 3162 | *) [In 0.9.6g-engine release:] |
| 6065 | Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall'). | 3163 | Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall'). |
| 6066 | [Lynn Gazis <lgazis@rainbow.com>] | 3164 | [Lynn Gazis <lgazis@rainbow.com>] |
| 6067 | | 3165 | |
| 6068 | Changes between 0.9.6e and 0.9.6f [8 Aug 2002] | 3166 | Changes between 0.9.6e and 0.9.6f [8 Aug 2002] |
| 6069 | | 3167 | |
| 6070 | *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX | 3168 | *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX |
| 6071 | and get fix the header length calculation. | 3169 | and get fix the header length calculation. |
| 6072 | [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>, | 3170 | [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>, |
| 6073 | Alon Kantor <alonk@checkpoint.com> (and others), | 3171 | Alon Kantor <alonk@checkpoint.com> (and others), |
| 6074 | Steve Henson] | 3172 | Steve Henson] |
| 6075 | | 3173 | |
| 6076 | *) Use proper error handling instead of 'assertions' in buffer | 3174 | *) Use proper error handling instead of 'assertions' in buffer |
| 6077 | overflow checks added in 0.9.6e. This prevents DoS (the | 3175 | overflow checks added in 0.9.6e. This prevents DoS (the |
| 6078 | assertions could call abort()). | 3176 | assertions could call abort()). |
| 6079 | [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller] | 3177 | [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller] |
| 6080 | | 3178 | |
| 6081 | Changes between 0.9.6d and 0.9.6e [30 Jul 2002] | 3179 | Changes between 0.9.6d and 0.9.6e [30 Jul 2002] |
| 6082 | | 3180 | |
| 6083 | *) Add various sanity checks to asn1_get_length() to reject | 3181 | *) Add various sanity checks to asn1_get_length() to reject |
| 6084 | the ASN1 length bytes if they exceed sizeof(long), will appear | 3182 | the ASN1 length bytes if they exceed sizeof(long), will appear |
| 6085 | negative or the content length exceeds the length of the | 3183 | negative or the content length exceeds the length of the |
| 6086 | supplied buffer. | 3184 | supplied buffer. |
| 6087 | [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>] | 3185 | [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>] |
| 6088 | | 3186 | |
| 6089 | *) Fix cipher selection routines: ciphers without encryption had no flags | 3187 | *) Fix cipher selection routines: ciphers without encryption had no flags |
| 6090 | for the cipher strength set and where therefore not handled correctly | 3188 | for the cipher strength set and where therefore not handled correctly |
| 6091 | by the selection routines (PR #130). | 3189 | by the selection routines (PR #130). |
| 6092 | [Lutz Jaenicke] | 3190 | [Lutz Jaenicke] |
| 6093 | | 3191 | |
| 6094 | *) Fix EVP_dsa_sha macro. | 3192 | *) Fix EVP_dsa_sha macro. |
| 6095 | [Nils Larsch] | 3193 | [Nils Larsch] |
| 6096 | | 3194 | |
| 6097 | *) New option | 3195 | *) New option |
| 6098 | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS | 3196 | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS |
| 6099 | for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure | 3197 | for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure |
| 6100 | that was added in OpenSSL 0.9.6d. | 3198 | that was added in OpenSSL 0.9.6d. |
| 6101 | | 3199 | |
| 6102 | As the countermeasure turned out to be incompatible with some | 3200 | As the countermeasure turned out to be incompatible with some |
| 6103 | broken SSL implementations, the new option is part of SSL_OP_ALL. | 3201 | broken SSL implementations, the new option is part of SSL_OP_ALL. |
| 6104 | SSL_OP_ALL is usually employed when compatibility with weird SSL | 3202 | SSL_OP_ALL is usually employed when compatibility with weird SSL |
| 6105 | implementations is desired (e.g. '-bugs' option to 's_client' and | 3203 | implementations is desired (e.g. '-bugs' option to 's_client' and |
| 6106 | 's_server'), so the new option is automatically set in many | 3204 | 's_server'), so the new option is automatically set in many |
| 6107 | applications. | 3205 | applications. |
| 6108 | [Bodo Moeller] | 3206 | [Bodo Moeller] |
| 6109 | | 3207 | |
| 6110 | *) Changes in security patch: | 3208 | *) Changes in security patch: |
| 6111 | | 3209 | |
| 6112 | Changes marked "(CHATS)" were sponsored by the Defense Advanced | 3210 | Changes marked "(CHATS)" were sponsored by the Defense Advanced |
| 6113 | Research Projects Agency (DARPA) and Air Force Research Laboratory, | 3211 | Research Projects Agency (DARPA) and Air Force Research Laboratory, |
| 6114 | Air Force Materiel Command, USAF, under agreement number | 3212 | Air Force Materiel Command, USAF, under agreement number |
| 6115 | F30602-01-2-0537. | 3213 | F30602-01-2-0537. |
| 6116 | | 3214 | |
| 6117 | *) Add various sanity checks to asn1_get_length() to reject | 3215 | *) Add various sanity checks to asn1_get_length() to reject |
| 6118 | the ASN1 length bytes if they exceed sizeof(long), will appear | 3216 | the ASN1 length bytes if they exceed sizeof(long), will appear |
| 6119 | negative or the content length exceeds the length of the | 3217 | negative or the content length exceeds the length of the |
| 6120 | supplied buffer. (CVE-2002-0659) | 3218 | supplied buffer. (CAN-2002-0659) |
| 6121 | [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>] | 3219 | [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>] |
| 6122 | | 3220 | |
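The two asn1_get_length() entries above (the one in the 0.9.6e list and its repeat in the "Changes in security patch" list, CVE-2002-0659) describe the same three rejections: too many length octets to fit a long, a value that would appear negative, and a content length longer than the supplied buffer. The following is an added example, not OpenSSL's asn1_get_length() and not text from this CHANGES file: a small DER length decoder in C that applies those three checks. The names der_get_length, der_length_of and der_long_form_selfcheck, and the sample byte strings, are this example's own constructions.

```c
/*
 * Added example, not OpenSSL code: a DER length decoder that applies the
 * three sanity checks the CHANGES entry describes for asn1_get_length().
 * All names here are this example's own.
 */
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum {
    DER_OK = 0,
    DER_ERR_TRUNCATED = -1,       /* fewer bytes than the length octets claim */
    DER_ERR_TOO_MANY_OCTETS = -2, /* check 1: length-of-length > sizeof(long) */
    DER_ERR_NEGATIVE = -3,        /* check 2: value would not fit a non-negative long */
    DER_ERR_EXCEEDS_BUFFER = -4,  /* check 3: content longer than the supplied buffer */
    DER_ERR_INDEFINITE = -5       /* 0x80: indefinite form, not permitted in DER */
};

/* Decode the length octets at *pp (the byte after the tag). 'max' is the
 * number of bytes available from *pp. On success advance *pp past the
 * length octets and store the content length in *rl. */
int der_get_length(const unsigned char **pp, long max, long *rl)
{
    const unsigned char *p = *pp;
    unsigned long ret = 0;
    unsigned int i;

    if (max < 1)
        return DER_ERR_TRUNCATED;
    i = *p++;
    max--;
    if (i == 0x80)
        return DER_ERR_INDEFINITE;
    if (i & 0x80) {                        /* long form: i = number of length octets */
        i &= 0x7f;
        if (i > sizeof(long))              /* check 1 */
            return DER_ERR_TOO_MANY_OCTETS;
        if ((long)i > max)
            return DER_ERR_TRUNCATED;
        while (i-- > 0) {
            ret = (ret << 8) | *p++;
            max--;
        }
        if (ret > (unsigned long)LONG_MAX) /* check 2: top bit set => negative long */
            return DER_ERR_NEGATIVE;
    } else {
        ret = i;                           /* short form: one octet below 128 */
    }
    if ((long)ret > max)                   /* check 3: content must fit the buffer */
        return DER_ERR_EXCEEDS_BUFFER;
    *pp = p;
    *rl = (long)ret;
    return DER_OK;
}

/* Convenience wrapper: content length announced by the length-prefixed
 * buffer 'buf' (first byte is the first length octet), or a negative
 * DER_ERR_* code when one of the checks rejects it. */
long der_length_of(const unsigned char *buf, size_t len)
{
    const unsigned char *p = buf;
    long rl = 0;
    int rc = der_get_length(&p, (long)len, &rl);
    return rc == DER_OK ? rl : rc;
}

/* Long-form case built here (constructed input, not captured data):
 * 0x82 0x01 0x00 announces 256 content bytes. Accepted when 256 bytes
 * follow, rejected by check 3 when only 100 do. Returns 1 on success. */
int der_long_form_selfcheck(void)
{
    unsigned char msg[3 + 256];
    memset(msg, 0xAA, sizeof msg);
    msg[0] = 0x82; msg[1] = 0x01; msg[2] = 0x00;
    return der_length_of(msg, sizeof msg) == 256
        && der_length_of(msg, 3 + 100) == DER_ERR_EXCEEDS_BUFFER;
}

int main(void)
{
    /* constructed samples; each one exercises a different check */
    static const unsigned char short_ok[] = { 0x05, 'h', 'e', 'l', 'l', 'o' };
    static const unsigned char too_many[] = { 0x89, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
    static const unsigned char negative[] = { 0x88, 0xff, 0xff, 0xff, 0xff,
                                              0xff, 0xff, 0xff, 0xff };
    printf("short form       -> %ld\n", der_length_of(short_ok, sizeof short_ok));
    printf("9 length octets  -> %ld\n", der_length_of(too_many, sizeof too_many));
    printf("top bit set      -> %ld\n", der_length_of(negative, sizeof negative));
    printf("long form checks -> %s\n", der_long_form_selfcheck() ? "ok" : "FAIL");
    return 0;
}
```

The order of the checks matters: the length-of-length test runs before any octet is consumed, the sign test runs before the value is ever used as a long, and the buffer test runs before the caller can use the length for a copy. Which of checks 1 and 2 fires for the 0x88 sample depends on sizeof(long) on the platform; either way the input is rejected.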
| 6123 | *) Assertions for various potential buffer overflows, not known to | 3221 | *) Assertions for various potential buffer overflows, not known to |
| 6124 | happen in practice. | 3222 | happen in practice. |
| 6125 | [Ben Laurie (CHATS)] | 3223 | [Ben Laurie (CHATS)] |
| 6126 | | 3224 | |
| 6127 | *) Various temporary buffers to hold ASCII versions of integers were | 3225 | *) Various temporary buffers to hold ASCII versions of integers were |
| 6128 | too small for 64 bit platforms. (CVE-2002-0655) | 3226 | too small for 64 bit platforms. (CAN-2002-0655) |
| 6129 | [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> | 3227 | [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> |
| 6130 | | 3228 | |
| 6131 | *) Remote buffer overflow in SSL3 protocol - an attacker could | 3229 | *) Remote buffer overflow in SSL3 protocol - an attacker could |
| 6132 | supply an oversized session ID to a client. (CVE-2002-0656) | 3230 | supply an oversized session ID to a client. (CAN-2002-0656) |
| 6133 | [Ben Laurie (CHATS)] | 3231 | [Ben Laurie (CHATS)] |
| 6134 | | 3232 | |
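The SSL3 session-ID entry just above (CVE-2002-0656: an oversized session ID supplied to a client), read together with the earlier note in this section that a client must accept any session ID length from 0 up to 32 bytes rather than impose a 16-byte minimum, is illustrated by the added example below. It is not OpenSSL's ssl3_get_server_hello() and not text from this CHANGES file: struct server_hello, parse_server_hello, build_server_hello and parse_constructed_hello are names invented for the example, and the ServerHello bytes are constructed here, not captured from a real handshake.

```c
/*
 * Added example, not OpenSSL code: a ServerHello parser with the session-ID
 * length check the CHANGES entries describe. Names are this example's own.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SSL3_SESSION_ID_MAX 32   /* SSL 3.0 / TLS 1.0: 0..32 bytes, no minimum */

struct server_hello {
    uint16_t version;
    unsigned char random_bytes[32];
    unsigned char session_id[SSL3_SESSION_ID_MAX]; /* fixed-size field */
    size_t session_id_len;
    uint16_t cipher_suite;
    uint8_t compression;
};

enum { SH_OK = 0, SH_ERR_TRUNCATED = -1, SH_ERR_SESSION_ID_TOO_LONG = -2 };

/* Parse a ServerHello body: version(2) random(32) sid_len(1) sid cipher(2) comp(1).
 * A parser that copies p[34] bytes straight into session_id, with no limit
 * check, is the client-side overflow described in the entry: a single
 * server-controlled byte lets it write up to 255 bytes into a 32-byte field. */
int parse_server_hello(const unsigned char *p, size_t n, struct server_hello *sh)
{
    size_t sid_len, need = 2 + 32 + 1;

    if (n < need)
        return SH_ERR_TRUNCATED;
    sh->version = (uint16_t)((p[0] << 8) | p[1]);
    memcpy(sh->random_bytes, p + 2, 32);
    sid_len = p[34];
    if (sid_len > SSL3_SESSION_ID_MAX)        /* the check that was missing */
        return SH_ERR_SESSION_ID_TOO_LONG;
    /* No lower bound: 0 bytes or, say, 8 bytes is valid per the spec. */
    need += sid_len + 2 + 1;
    if (n < need)                             /* the bytes must actually be present */
        return SH_ERR_TRUNCATED;
    memcpy(sh->session_id, p + 35, sid_len);
    sh->session_id_len = sid_len;
    p += 35 + sid_len;
    sh->cipher_suite = (uint16_t)((p[0] << 8) | p[1]);
    sh->compression = p[2];
    return SH_OK;
}

/* Build a ServerHello carrying a session ID of 'sid_len' bytes (constructed
 * test input; a sid_len above 32 plays the malicious server). Returns the
 * number of bytes written, or 0 if 'cap' is too small or sid_len > 255. */
size_t build_server_hello(unsigned char *out, size_t cap, size_t sid_len)
{
    size_t total = 35 + sid_len + 3, i;
    if (sid_len > 255 || cap < total)
        return 0;
    out[0] = 0x03; out[1] = 0x01;                 /* TLS 1.0 */
    memset(out + 2, 0x42, 32);                    /* fixed stand-in for server random */
    out[34] = (unsigned char)sid_len;
    for (i = 0; i < sid_len; i++)
        out[35 + i] = (unsigned char)i;
    out[35 + sid_len] = 0x00; out[36 + sid_len] = 0x0a; /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */
    out[37 + sid_len] = 0x00;                     /* null compression */
    return total;
}

/* Build and parse in one step; a non-zero 'limit' truncates the message to
 * that many bytes first. Returns the parse_server_hello() result code. */
int parse_constructed_hello(size_t sid_len, size_t limit)
{
    unsigned char msg[35 + 255 + 3];
    struct server_hello sh;
    size_t n = build_server_hello(msg, sizeof msg, sid_len);
    if (n == 0)
        return SH_ERR_TRUNCATED;
    if (limit > 0 && limit < n)
        n = limit;
    return parse_server_hello(msg, n, &sh);
}

int main(void)
{
    printf("8-byte session id   -> %d\n", parse_constructed_hello(8, 0));   /* accepted */
    printf("32-byte session id  -> %d\n", parse_constructed_hello(32, 0));  /* accepted */
    printf("200-byte session id -> %d\n", parse_constructed_hello(200, 0)); /* rejected */
    printf("cut after 40 bytes  -> %d\n", parse_constructed_hello(32, 40)); /* truncated */
    return 0;
}
```

The limit check sits before the memcpy and before the truncation check, so an oversized length is rejected on its own merits even when the attacker does supply all the bytes it announces; the 200-byte case above is a complete, well-formed message apart from that one field.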
| 6135 | *) Remote buffer overflow in SSL2 protocol - an attacker could | 3233 | *) Remote buffer overflow in SSL2 protocol - an attacker could |
| 6136 | supply an oversized client master key. (CVE-2002-0656) | 3234 | supply an oversized client master key. (CAN-2002-0656) |
| 6137 | [Ben Laurie (CHATS)] | 3235 | [Ben Laurie (CHATS)] |
| 6138 | | 3236 | |
| 6139 | Changes between 0.9.6c and 0.9.6d [9 May 2002] | 3237 | Changes between 0.9.6c and 0.9.6d [9 May 2002] |
| 6140 | | 3238 | |
| 6141 | *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not | 3239 | *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not |
| 6142 | encoded as NULL) with id-dsa-with-sha1. | 3240 | encoded as NULL) with id-dsa-with-sha1. |
| 6143 | [Nils Larsch <nla@trustcenter.de>; problem pointed out by Bodo Moeller] | 3241 | [Nils Larsch <nla@trustcenter.de>; problem pointed out by Bodo Moeller] |
| 6144 | | 3242 | |
| 6145 | *) Check various X509_...() return values in apps/req.c. | 3243 | *) Check various X509_...() return values in apps/req.c. |
| 6146 | [Nils Larsch <nla@trustcenter.de>] | 3244 | [Nils Larsch <nla@trustcenter.de>] |
| 6147 | | 3245 | |
| 6148 | *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines: | 3246 | *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines: |
| 6149 | an end-of-file condition would erronously be flagged, when the CRLF | 3247 | an end-of-file condition would erronously be flagged, when the CRLF |
| 6150 | was just at the end of a processed block. The bug was discovered when | 3248 | was just at the end of a processed block. The bug was discovered when |
| 6151 | processing data through a buffering memory BIO handing the data to a | 3249 | processing data through a buffering memory BIO handing the data to a |
| 6152 | BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov | 3250 | BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov |
| 6153 | <ptsekov@syntrex.com> and Nedelcho Stanev. | 3251 | <ptsekov@syntrex.com> and Nedelcho Stanev. |
| 6154 | [Lutz Jaenicke] | 3252 | [Lutz Jaenicke] |
| 6155 | | 3253 | |
| 6156 | *) Implement a countermeasure against a vulnerability recently found | 3254 | *) Implement a countermeasure against a vulnerability recently found |
| 6157 | in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment | 3255 | in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment |
| 6158 | before application data chunks to avoid the use of known IVs | 3256 | before application data chunks to avoid the use of known IVs |
| 6159 | with data potentially chosen by the attacker. | 3257 | with data potentially chosen by the attacker. |
| 6160 | [Bodo Moeller] | 3258 | [Bodo Moeller] |
| 6161 | | 3259 | |
| 6162 | *) Fix length checks in ssl3_get_client_hello(). | 3260 | *) Fix length checks in ssl3_get_client_hello(). |
| 6163 | [Bodo Moeller] | 3261 | [Bodo Moeller] |
| 6164 | | 3262 | |
| 6165 | *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently | 3263 | *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently |
| 6166 | to prevent ssl3_read_internal() from incorrectly assuming that | 3264 | to prevent ssl3_read_internal() from incorrectly assuming that |
| 6167 | ssl3_read_bytes() found application data while handshake | 3265 | ssl3_read_bytes() found application data while handshake |
| 6168 | processing was enabled when in fact s->s3->in_read_app_data was | 3266 | processing was enabled when in fact s->s3->in_read_app_data was |
| 6169 | merely automatically cleared during the initial handshake. | 3267 | merely automatically cleared during the initial handshake. |
| 6170 | [Bodo Moeller; problem pointed out by Arne Ansper <arne@ats.cyber.ee>] | 3268 | [Bodo Moeller; problem pointed out by Arne Ansper <arne@ats.cyber.ee>] |
| 6171 | | 3269 | |
| 6172 | *) Fix object definitions for Private and Enterprise: they were not | 3270 | *) Fix object definitions for Private and Enterprise: they were not |
| 6173 | recognized in their short name (=lowercase) representation. Extend | 3271 | recognized in their short name (=lowercase) representation. Extend |
| 6174 | obj_dat.pl to issue an error when using undefined keywords instead | 3272 | obj_dat.pl to issue an error when using undefined keywords instead |
| 6175 | of silently ignoring the problem (Svenning Sorensen | 3273 | of silently ignoring the problem (Svenning Sorensen |
| 6176 | <sss@sss.dnsalias.net>). | 3274 | <sss@sss.dnsalias.net>). |
| 6177 | [Lutz Jaenicke] | 3275 | [Lutz Jaenicke] |
| 6178 | | 3276 | |
| 6179 | *) Fix DH_generate_parameters() so that it works for 'non-standard' | 3277 | *) Fix DH_generate_parameters() so that it works for 'non-standard' |
| 6180 | generators, i.e. generators other than 2 and 5. (Previously, the | 3278 | generators, i.e. generators other than 2 and 5. (Previously, the |
| 6181 | code did not properly initialise the 'add' and 'rem' values to | 3279 | code did not properly initialise the 'add' and 'rem' values to |
| 6182 | BN_generate_prime().) | 3280 | BN_generate_prime().) |
| 6183 | | 3281 | |
| 6184 | In the new general case, we do not insist that 'generator' is | 3282 | In the new general case, we do not insist that 'generator' is |
| 6185 | actually a primitive root: This requirement is rather pointless; | 3283 | actually a primitive root: This requirement is rather pointless; |
| 6186 | a generator of the order-q subgroup is just as good, if not | 3284 | a generator of the order-q subgroup is just as good, if not |
| 6187 | better. | 3285 | better. |
| 6188 | [Bodo Moeller] | 3286 | [Bodo Moeller] |
| 6189 | | 3287 | |
| 6190 | *) Map new X509 verification errors to alerts. Discovered and submitted by | 3288 | *) Map new X509 verification errors to alerts. Discovered and submitted by |
| 6191 | Tom Wu <tom@arcot.com>. | 3289 | Tom Wu <tom@arcot.com>. |
| 6192 | [Lutz Jaenicke] | 3290 | [Lutz Jaenicke] |
| 6193 | | 3291 | |
| 6194 | *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from | 3292 | *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from |
| 6195 | returning non-zero before the data has been completely received | 3293 | returning non-zero before the data has been completely received |
| 6196 | when using non-blocking I/O. | 3294 | when using non-blocking I/O. |
| 6197 | [Bodo Moeller; problem pointed out by John Hughes] | 3295 | [Bodo Moeller; problem pointed out by John Hughes] |
| 6198 | | 3296 | |
| 6199 | *) Some of the ciphers missed the strength entry (SSL_LOW etc). | 3297 | *) Some of the ciphers missed the strength entry (SSL_LOW etc). |
| 6200 | [Ben Laurie, Lutz Jaenicke] | 3298 | [Ben Laurie, Lutz Jaenicke] |
| 6201 | | 3299 | |
| 6202 | *) Fix bug in SSL_clear(): bad sessions were not removed (found by | 3300 | *) Fix bug in SSL_clear(): bad sessions were not removed (found by |
| 6203 | Yoram Zahavi <YoramZ@gilian.com>). | 3301 | Yoram Zahavi <YoramZ@gilian.com>). |
| 6204 | [Lutz Jaenicke] | 3302 | [Lutz Jaenicke] |
| 6205 | | 3303 | |
| 6206 | *) Add information about CygWin 1.3 and on, and preserve proper | 3304 | *) Add information about CygWin 1.3 and on, and preserve proper |
| 6207 | configuration for the versions before that. | 3305 | configuration for the versions before that. |
| 6208 | [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte] | 3306 | [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte] |
| 6209 | | 3307 | |
| 6210 | *) Make removal from session cache (SSL_CTX_remove_session()) more robust: | 3308 | *) Make removal from session cache (SSL_CTX_remove_session()) more robust: |
| 6211 | check whether we deal with a copy of a session and do not delete from | 3309 | check whether we deal with a copy of a session and do not delete from |
| 6212 | the cache in this case. Problem reported by "Izhar Shoshani Levi" | 3310 | the cache in this case. Problem reported by "Izhar Shoshani Levi" |
| 6213 | <izhar@checkpoint.com>. | 3311 | <izhar@checkpoint.com>. |
| 6214 | [Lutz Jaenicke] | 3312 | [Lutz Jaenicke] |
| 6215 | | 3313 | |
| 6216 | *) Do not store session data into the internal session cache, if it | 3314 | *) Do not store session data into the internal session cache, if it |
| 6217 | is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | 3315 | is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP |
| 6218 | flag is set). Proposed by Aslam <aslam@funk.com>. | 3316 | flag is set). Proposed by Aslam <aslam@funk.com>. |
| 6219 | [Lutz Jaenicke] | 3317 | [Lutz Jaenicke] |
| 6220 | | 3318 | |
| 6221 | *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested | 3319 | *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested |
| 6222 | value is 0. | 3320 | value is 0. |
| 6223 | [Richard Levitte] | 3321 | [Richard Levitte] |
| 6224 | | 3322 | |
| 6225 | *) [In 0.9.6d-engine release:] | 3323 | *) [In 0.9.6d-engine release:] |
| 6226 | Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). | 3324 | Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). |
| 6227 | [Toomas Kiisk <vix@cyber.ee> via Richard Levitte] | 3325 | [Toomas Kiisk <vix@cyber.ee> via Richard Levitte] |
| 6228 | | 3326 | |
| 6229 | *) Add the configuration target linux-s390x. | 3327 | *) Add the configuration target linux-s390x. |
| 6230 | [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] | 3328 | [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] |
| 6231 | | 3329 | |
| 6232 | *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of | 3330 | *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of |
| 6233 | ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag | 3331 | ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag |
| 6234 | variable as an indication that a ClientHello message has been | 3332 | variable as an indication that a ClientHello message has been |
| 6235 | received. As the flag value will be lost between multiple | 3333 | received. As the flag value will be lost between multiple |
| 6236 | invocations of ssl3_accept when using non-blocking I/O, the | 3334 | invocations of ssl3_accept when using non-blocking I/O, the |
| 6237 | function may not be aware that a handshake has actually taken | 3335 | function may not be aware that a handshake has actually taken |
| 6238 | place, thus preventing a new session from being added to the | 3336 | place, thus preventing a new session from being added to the |
| 6239 | session cache. | 3337 | session cache. |
| 6240 | | 3338 | |
| 6241 | To avoid this problem, we now set s->new_session to 2 instead of | 3339 | To avoid this problem, we now set s->new_session to 2 instead of |
| 6242 | using a local variable. | 3340 | using a local variable. |
| 6243 | [Lutz Jaenicke, Bodo Moeller] | 3341 | [Lutz Jaenicke, Bodo Moeller] |
| 6244 | | 3342 | |
| 6245 | *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) | 3343 | *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) |
| 6246 | if the SSL_R_LENGTH_MISMATCH error is detected. | 3344 | if the SSL_R_LENGTH_MISMATCH error is detected. |
| 6247 | [Geoff Thorpe, Bodo Moeller] | 3345 | [Geoff Thorpe, Bodo Moeller] |
| 6248 | | 3346 | |
| 6249 | *) New 'shared_ldflag' column in Configure platform table. | 3347 | *) New 'shared_ldflag' column in Configure platform table. |
| 6250 | [Richard Levitte] | 3348 | [Richard Levitte] |
| 6251 | | 3349 | |
| 6252 | *) Fix EVP_CIPHER_mode macro. | 3350 | *) Fix EVP_CIPHER_mode macro. |
| 6253 | ["Dan S. Camper" <dan@bti.net>] | 3351 | ["Dan S. Camper" <dan@bti.net>] |
| 6254 | | 3352 | |
| 6255 | *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown | 3353 | *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown |
| 6256 | type, we must throw them away by setting rr->length to 0. | 3354 | type, we must throw them away by setting rr->length to 0. |
| 6257 | [D P Chang <dpc@qualys.com>] | 3355 | [D P Chang <dpc@qualys.com>] |
| 6258 | | 3356 | |
| 6259 | Changes between 0.9.6b and 0.9.6c [21 dec 2001] | 3357 | Changes between 0.9.6b and 0.9.6c [21 dec 2001] |
| 6260 | | 3358 | |
| 6261 | *) Fix BN_rand_range bug pointed out by Dominikus Scherkl | 3359 | *) Fix BN_rand_range bug pointed out by Dominikus Scherkl |
| 6262 | <Dominikus.Scherkl@biodata.com>. (The previous implementation | 3360 | <Dominikus.Scherkl@biodata.com>. (The previous implementation |
| 6263 | worked incorrectly for those cases where range = 10..._2 and | 3361 | worked incorrectly for those cases where range = 10..._2 and |
| 6264 | 3*range is two bits longer than range.) | 3362 | 3*range is two bits longer than range.) |
| 6265 | [Bodo Moeller] | 3363 | [Bodo Moeller] |
| 6266 | | 3364 | |
| 6267 | *) Only add signing time to PKCS7 structures if it is not already | 3365 | *) Only add signing time to PKCS7 structures if it is not already |
| 6268 | present. | 3366 | present. |
| 6269 | [Steve Henson] | 3367 | [Steve Henson] |
| 6270 | | 3368 | |
| 6271 | *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce", | 3369 | *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce", |
| 6272 | OBJ_ld_ce should be OBJ_id_ce. | 3370 | OBJ_ld_ce should be OBJ_id_ce. |
| 6273 | Also some ip-pda OIDs in crypto/objects/objects.txt were | 3371 | Also some ip-pda OIDs in crypto/objects/objects.txt were |
| 6274 | incorrect (cf. RFC 3039). | 3372 | incorrect (cf. RFC 3039). |
| 6275 | [Matt Cooper, Frederic Giudicelli, Bodo Moeller] | 3373 | [Matt Cooper, Frederic Giudicelli, Bodo Moeller] |
| 6276 | | 3374 | |
| 6277 | *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid() | 3375 | *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid() |
| 6278 | returns early because it has nothing to do. | 3376 | returns early because it has nothing to do. |
| 6279 | [Andy Schneider <andy.schneider@bjss.co.uk>] | 3377 | [Andy Schneider <andy.schneider@bjss.co.uk>] |
| 6280 | | 3378 | |
| 6281 | *) [In 0.9.6c-engine release:] | 3379 | *) [In 0.9.6c-engine release:] |
| 6282 | Fix mutex callback return values in crypto/engine/hw_ncipher.c. | 3380 | Fix mutex callback return values in crypto/engine/hw_ncipher.c. |
| 6283 | [Andy Schneider <andy.schneider@bjss.co.uk>] | 3381 | [Andy Schneider <andy.schneider@bjss.co.uk>] |
| 6284 | | 3382 | |
| 6285 | *) [In 0.9.6c-engine release:] | 3383 | *) [In 0.9.6c-engine release:] |
| 6286 | Add support for Cryptographic Appliance's keyserver technology. | 3384 | Add support for Cryptographic Appliance's keyserver technology. |
| 6287 | (Use engine 'keyclient') | 3385 | (Use engine 'keyclient') |
| 6288 | [Cryptographic Appliances and Geoff Thorpe] | 3386 | [Cryptographic Appliances and Geoff Thorpe] |
| 6289 | | 3387 | |
| 6290 | *) Add a configuration entry for OS/390 Unix. The C compiler 'c89' | 3388 | *) Add a configuration entry for OS/390 Unix. The C compiler 'c89' |
| 6291 | is called via tools/c89.sh because arguments have to be | 3389 | is called via tools/c89.sh because arguments have to be |
| 6292 | rearranged (all '-L' options must appear before the first object | 3390 | rearranged (all '-L' options must appear before the first object |
| 6293 | modules). | 3391 | modules). |
| 6294 | [Richard Shapiro <rshapiro@abinitio.com>] | 3392 | [Richard Shapiro <rshapiro@abinitio.com>] |
| 6295 | | 3393 | |
| 6296 | *) [In 0.9.6c-engine release:] | 3394 | *) [In 0.9.6c-engine release:] |
| 6297 | Add support for Broadcom crypto accelerator cards, backported | 3395 | Add support for Broadcom crypto accelerator cards, backported |
| 6298 | from 0.9.7. | 3396 | from 0.9.7. |
| 6299 | [Broadcom, Nalin Dahyabhai <nalin@redhat.com>, Mark Cox] | 3397 | [Broadcom, Nalin Dahyabhai <nalin@redhat.com>, Mark Cox] |
| 6300 | | 3398 | |
| 6301 | *) [In 0.9.6c-engine release:] | 3399 | *) [In 0.9.6c-engine release:] |
| 6302 | Add support for SureWare crypto accelerator cards from | 3400 | Add support for SureWare crypto accelerator cards from |
| 6303 | Baltimore Technologies. (Use engine 'sureware') | 3401 | Baltimore Technologies. (Use engine 'sureware') |
| 6304 | [Baltimore Technologies and Mark Cox] | 3402 | [Baltimore Technologies and Mark Cox] |
| 6305 | | 3403 | |
| 6306 | *) [In 0.9.6c-engine release:] | 3404 | *) [In 0.9.6c-engine release:] |
| 6307 | Add support for crypto accelerator cards from Accelerated | 3405 | Add support for crypto accelerator cards from Accelerated |
| 6308 | Encryption Processing, www.aep.ie. (Use engine 'aep') | 3406 | Encryption Processing, www.aep.ie. (Use engine 'aep') |
| 6309 | [AEP Inc. and Mark Cox] | 3407 | [AEP Inc. and Mark Cox] |
| 6310 | | 3408 | |
| 6311 | *) Add a configuration entry for gcc on UnixWare. | 3409 | *) Add a configuration entry for gcc on UnixWare. |
| 6312 | [Gary Benson <gbenson@redhat.com>] | 3410 | [Gary Benson <gbenson@redhat.com>] |
| 6313 | | 3411 | |
| 6314 | *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake | 3412 | *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake |
| 6315 | messages are stored in a single piece (fixed-length part and | 3413 | messages are stored in a single piece (fixed-length part and |
| 6316 | variable-length part combined) and fix various bugs found on the way. | 3414 | variable-length part combined) and fix various bugs found on the way. |
| 6317 | [Bodo Moeller] | 3415 | [Bodo Moeller] |
| 6318 | | 3416 | |
| 6319 | *) Disable caching in BIO_gethostbyname(), directly use gethostbyname() | 3417 | *) Disable caching in BIO_gethostbyname(), directly use gethostbyname() |
| 6320 | instead. BIO_gethostbyname() does not know what timeouts are | 3418 | instead. BIO_gethostbyname() does not know what timeouts are |
| 6321 | appropriate, so entries would stay in cache even when they have | 3419 | appropriate, so entries would stay in cache even when they have |
| 6322 | become invalid. | 3420 | become invalid. |
| 6323 | [Bodo Moeller; problem pointed out by Rich Salz <rsalz@zolera.com> | 3421 | [Bodo Moeller; problem pointed out by Rich Salz <rsalz@zolera.com> |
| 6324 | | 3422 | |
| 6325 | *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when | 3423 | *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when |
| 6326 | faced with a pathologically small ClientHello fragment that does | 3424 | faced with a pathologically small ClientHello fragment that does |
| 6327 | not contain client_version: Instead of aborting with an error, | 3425 | not contain client_version: Instead of aborting with an error, |
| 6328 | simply choose the highest available protocol version (i.e., | 3426 | simply choose the highest available protocol version (i.e., |
| 6329 | TLS 1.0 unless it is disabled). In practice, ClientHello | 3427 | TLS 1.0 unless it is disabled). In practice, ClientHello |
| 6330 | messages are never sent like this, but this change gives us | 3428 | messages are never sent like this, but this change gives us |
| 6331 | strictly correct behaviour at least for TLS. | 3429 | strictly correct behaviour at least for TLS. |
| 6332 | [Bodo Moeller] | 3430 | [Bodo Moeller] |
| 6333 | | 3431 | |
| 6334 | *) Fix SSL handshake functions and SSL_clear() such that SSL_clear() | 3432 | *) Fix SSL handshake functions and SSL_clear() such that SSL_clear() |
| 6335 | never resets s->method to s->ctx->method when called from within | 3433 | never resets s->method to s->ctx->method when called from within |
| 6336 | one of the SSL handshake functions. | 3434 | one of the SSL handshake functions. |
| 6337 | [Bodo Moeller; problem pointed out by Niko Baric] | 3435 | [Bodo Moeller; problem pointed out by Niko Baric] |
| 6338 | | 3436 | |
| 6339 | *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert | 3437 | *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert |
| 6340 | (sent using the client's version number) if client_version is | 3438 | (sent using the client's version number) if client_version is |
| 6341 | smaller than the protocol version in use. Also change | 3439 | smaller than the protocol version in use. Also change |
| 6342 | ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if | 3440 | ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if |
| 6343 | the client demanded SSL 3.0 but only TLS 1.0 is enabled; then | 3441 | the client demanded SSL 3.0 but only TLS 1.0 is enabled; then |
| 6344 | the client will at least see that alert. | 3442 | the client will at least see that alert. |
| 6345 | [Bodo Moeller] | 3443 | [Bodo Moeller] |
| 6346 | | 3444 | |
| 6347 | *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation | 3445 | *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation |
| 6348 | correctly. | 3446 | correctly. |
| 6349 | [Bodo Moeller] | 3447 | [Bodo Moeller] |
| 6350 | | 3448 | |
| 6351 | *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a | 3449 | *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a |
| 6352 | client receives HelloRequest while in a handshake. | 3450 | client receives HelloRequest while in a handshake. |
| 6353 | [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>] | 3451 | [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>] |
| 6354 | | 3452 | |
| 6355 | *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C | 3453 | *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C |
| 6356 | should end in 'break', not 'goto end' which circuments various | 3454 | should end in 'break', not 'goto end' which circuments various |
| 6357 | cleanups done in state SSL_ST_OK. But session related stuff | 3455 | cleanups done in state SSL_ST_OK. But session related stuff |
| 6358 | must be disabled for SSL_ST_OK in the case that we just sent a | 3456 | must be disabled for SSL_ST_OK in the case that we just sent a |
| 6359 | HelloRequest. | 3457 | HelloRequest. |
| 6360 | | 3458 | |
| 6361 | Also avoid some overhead by not calling ssl_init_wbio_buffer() | 3459 | Also avoid some overhead by not calling ssl_init_wbio_buffer() |
| 6362 | before just sending a HelloRequest. | 3460 | before just sending a HelloRequest. |
| 6363 | [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>] | 3461 | [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>] |
| 6364 | | 3462 | |
| 6365 | *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't | 3463 | *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't |
| 6366 | reveal whether illegal block cipher padding was found or a MAC | 3464 | reveal whether illegal block cipher padding was found or a MAC |
| 6367 | verif ication er ror occure d. (Neith er SSLerr( ) codes no r alerts | 3465 | verif ication er ror occure d. (Neith er SSLerr( ) codes no r alerts | |||
| 6368 | are d irectly vi sible to p otential a ttackers, but the in formation | 3466 | are d irectly vi sible to p otential a ttackers, but the in formation | |||
| 6369 | may l eak via lo gfiles.) | 3467 | may l eak via lo gfiles.) | |||
| 6370 | 3468 | |||||
| 6371 | Simil ar changes are not r equired fo r the SSL 2.0 implem entation | 3469 | Simil ar changes are not r equired fo r the SSL 2.0 implem entation | |||
| 6372 | becau se the num ber of pad ding bytes is sent i n clear fo r SSL 2.0, | 3470 | becau se the num ber of pad ding bytes is sent i n clear fo r SSL 2.0, | |||
| 6373 | and t he extra b ytes are j ust ignore d. Howeve r ssl/s2_p kt.c | 3471 | and t he extra b ytes are j ust ignore d. Howeve r ssl/s2_p kt.c | |||
| 6374 | faile d to verif y that the purported number of padding b ytes is in | 3472 | faile d to verif y that the purported number of padding b ytes is in | |||
| 6375 | the l egal range . | 3473 | the l egal range . | |||
| 6376 | [Bodo Moeller] | 3474 | [Bodo Moeller] | |||
| 6377 | 3475 | |||||
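The entry above describes two checks on a decrypted record: the purported padding length must lie in the legal range, and a padding failure must not be reported differently from a MAC failure. The C function below is an added example written for this page, not OpenSSL's s3_enc.c/t1_enc.c/s2_pkt.c code. It uses a constructed placeholder MAC (an XOR fold under a fixed key, standing in for HMAC), a toy 8-byte block size and a toy 4-byte MAC length, and it returns one generic failure code whichever check fails while always computing the MAC.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy record check, not OpenSSL code. Record layout follows
 * SSL 3.0/TLS 1.0: plaintext = data || MAC || padding || padding_length.
 * The MAC is a placeholder XOR fold under a fixed key so that the example
 * is self-contained; a real stack uses HMAC. */

#define MAC_LEN 4
#define BLOCK_SIZE 8

enum { REC_OK = 0, REC_BAD = 1 };   /* one failure code for padding AND MAC errors */

/* Placeholder MAC: fold 'data' into MAC_LEN bytes under a fixed toy key. */
static void toy_mac(const uint8_t *data, size_t len, uint8_t out[MAC_LEN]) {
    static const uint8_t key[MAC_LEN] = {0x5a, 0xa5, 0x3c, 0xc3};
    memcpy(out, key, MAC_LEN);
    for (size_t i = 0; i < len; i++)
        out[i % MAC_LEN] = (uint8_t)((out[i % MAC_LEN] ^ data[i]) * 31 + 7);
}

/* Compare without stopping at the first differing byte. 0 means equal. */
static int ct_memneq(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t d = 0;
    for (size_t i = 0; i < n; i++) d |= a[i] ^ b[i];
    return d;
}

/* Check a decrypted record of 'len' bytes. The padding-length range check,
 * the padding-byte check and the MAC check all OR into one flag, and the
 * MAC is always computed, so the return value never says which one failed.
 * On success *data_len receives the payload length. */
int check_record(const uint8_t *pt, size_t len, size_t *data_len) {
    if (len < MAC_LEN + 1 || len % BLOCK_SIZE != 0)
        return REC_BAD;                      /* record length is public anyway */

    size_t pad = pt[len - 1];                /* purported number of padding bytes */
    int bad = 0;
    /* Legal range: shorter than a block and leaving room for the MAC. On a
     * violation, fall back to 0 so the MAC computation below still runs. */
    if (pad >= BLOCK_SIZE || pad + 1 + MAC_LEN > len) {
        bad = 1;
        pad = 0;
    }
    /* TLS 1.0 rule: every padding byte equals the padding length. */
    for (size_t i = 0; i < pad; i++)
        bad |= (pt[len - 2 - i] != pad);

    size_t dlen = len - pad - 1 - MAC_LEN;
    uint8_t mac[MAC_LEN];
    toy_mac(pt, dlen, mac);
    bad |= (ct_memneq(mac, pt + dlen, MAC_LEN) != 0);

    if (bad)
        return REC_BAD;                      /* identical for both failure modes */
    *data_len = dlen;
    return REC_OK;
}

/* Build a well-formed record for the demonstration. Returns its total
 * length, or 0 if 'out' is too small. */
size_t build_record(const uint8_t *data, size_t dlen, uint8_t *out, size_t cap) {
    size_t pad = (BLOCK_SIZE - (dlen + MAC_LEN + 1) % BLOCK_SIZE) % BLOCK_SIZE;
    size_t total = dlen + MAC_LEN + pad + 1;
    if (total > cap) return 0;
    memcpy(out, data, dlen);
    toy_mac(data, dlen, out + dlen);
    memset(out + dlen + MAC_LEN, (int)pad, pad + 1);
    return total;
}

/* Demonstration: one good record and three corrupted variants. Returns the
 * number of cases that behaved as described above (4 when all is well). */
int run_scenarios(void) {
    uint8_t rec[64];
    size_t dlen = 0, n = build_record((const uint8_t *)"hello", 5, rec, sizeof rec);
    int met = 0;
    met += (n == 16 && check_record(rec, n, &dlen) == REC_OK && dlen == 5);
    rec[10] = 0x00;                          /* corrupt one padding byte */
    met += (check_record(rec, n, &dlen) == REC_BAD);
    rec[10] = 0x06; rec[5] ^= 0x01;          /* restore padding, corrupt the MAC */
    met += (check_record(rec, n, &dlen) == REC_BAD);
    rec[5] ^= 0x01; rec[15] = 0xC8;          /* padding length 200: out of range */
    met += (check_record(rec, n, &dlen) == REC_BAD);
    return met;
}

int main(void) {
    printf("%d of 4 record checks behaved as expected\n", run_scenarios());
    return 0;
}
```

Any logging keyed on the return value then records the same event for a padding failure and a MAC failure, which is the logfile concern the entry raises. A production implementation goes further than this toy (a MAC computation whose running time does not depend on the padding length), which is outside what the entry describes.
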
  *) Add OpenUNIX-8 support including shared libraries
     (Boyd Lynn Gerber <gerberb@zenez.com>).
     [Lutz Jaenicke]

  *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
     'wristwatch attack' using huge encoding parameters (cf.
     James H. Manger's CRYPTO 2001 paper).  Note that the
     RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
     encoding parameters and hence was not vulnerable.
     [Bodo Moeller]

  *) BN_sqr() bug fix.
     [Ulf Möller, reported by Jim Ellis <jim.ellis@cavium.com>]

  *) Rabin-Miller test analyses assume uniformly distributed witnesses,
     so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
     followed by modular reduction.
     [Bodo Moeller; pointed out by Adam Young <AYoung1@NCSUS.JNJ.COM>]

  *) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
     equivalent based on BN_pseudo_rand() instead of BN_rand().
     [Bodo Moeller]

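Why modular reduction is the wrong way to pick a witness, as an added example for the two entries above (not OpenSSL's BN code): with 8 random bits reduced mod 100, the candidates 0..55 each arise from three raw draws and 56..99 from only two, so the low candidates are 1.5 times as likely. The enumeration helpers below compute those counts exactly instead of sampling. rand_range() is a constructed rejection sampler in the shape of BN_rand_range(): draw bitlen(range) bits and retry on values >= range. Its generator is a toy LCG named and seeded here for the example, not a cryptographic PRNG.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed example, not OpenSSL code. Contrasts two ways of drawing a
 * candidate from [0, range), as needed for Rabin-Miller witnesses:
 *   1. draw 'bits' random bits and reduce modulo range
 *      (the old BN_pseudo_rand() + modular reduction pattern), and
 *   2. draw bitlen(range) bits and reject values >= range, retrying
 *      (the BN_rand_range() / BN_pseudo_rand_range() pattern).
 * The hits_* helpers enumerate every raw PRNG output of the given length,
 * so with a uniform PRNG the counts are the exact sampling distribution. */

static unsigned bitlen(uint64_t x) {
    unsigned n = 0;
    while (x) { n++; x >>= 1; }
    return n;
}

/* Method 1: how many raw values in [0, 2^bits) map to 'target' under mod. */
uint64_t hits_mod_reduce(unsigned bits, uint64_t range, uint64_t target) {
    uint64_t hits = 0;
    for (uint64_t raw = 0; raw < (UINT64_C(1) << bits); raw++)
        if (raw % range == target) hits++;
    return hits;
}

/* Method 2: how many accepted raw values in [0, 2^bitlen(range)) map to
 * 'target'. Rejected draws are retried, so every candidate is hit exactly
 * once and the accepted distribution is uniform. */
uint64_t hits_rejection(uint64_t range, uint64_t target) {
    uint64_t hits = 0;
    for (uint64_t raw = 0; raw < (UINT64_C(1) << bitlen(range)); raw++)
        if (raw < range && raw == target) hits++;
    return hits;
}

/* Most-likely over least-likely candidate probability, in permille, for
 * method 1 (1000 means uniform). */
uint64_t mod_reduce_bias_permille(unsigned bits, uint64_t range) {
    uint64_t lo = UINT64_MAX, hi = 0;
    for (uint64_t t = 0; t < range; t++) {
        uint64_t h = hits_mod_reduce(bits, range, t);
        if (h < lo) lo = h;
        if (h > hi) hi = h;
    }
    return hi * 1000 / lo;
}

/* Rejection sampler over a toy LCG (constructed, not a cryptographic
 * generator; fine for ranges below 2^25). Mirrors BN_rand_range(). */
static uint32_t lcg_state = 12345u;
static uint64_t lcg_bits(unsigned bits) {
    lcg_state = lcg_state * 1103515245u + 12345u;
    return (lcg_state >> 7) & ((UINT64_C(1) << bits) - 1);
}
uint64_t rand_range(uint64_t range) {
    unsigned bits = bitlen(range);
    uint64_t v;
    do {
        v = lcg_bits(bits);                 /* fewer than 2 tries on average */
    } while (v >= range);
    return v;
}

/* Returns 1 if 'draws' samples from rand_range(range) all fall in range. */
int all_draws_in_range(uint64_t range, unsigned draws) {
    for (unsigned i = 0; i < draws; i++)
        if (rand_range(range) >= range) return 0;
    return 1;
}

int main(void) {
    printf("8 raw bits mod 100: candidate 0 hit %llu times, candidate 99 hit %llu times\n",
           (unsigned long long)hits_mod_reduce(8, 100, 0),
           (unsigned long long)hits_mod_reduce(8, 100, 99));
    printf("bias: %llu permille; rejection sampling: %llu vs %llu\n",
           (unsigned long long)mod_reduce_bias_permille(8, 100),
           (unsigned long long)hits_rejection(100, 0),
           (unsigned long long)hits_rejection(100, 99));
    return 0;
}
```

A witness for Rabin-Miller is then rand_range(n - 1) + 1 or similar, offset into the interval the test requires; the bias of method 1 shrinks as the raw draw gets longer than the range but never vanishes unless the range is a power of two.
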
  *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
     This function was broken, as the check for a new client hello message
     to handle SGC did not allow these large messages.
     (Tracked down by "Douglas E. Engert" <deengert@anl.gov>.)
     [Lutz Jaenicke]

  *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
     [Lutz Jaenicke]

  *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
     for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
     [Lutz Jaenicke]

  *) Rework the configuration and shared library support for Tru64 Unix.
     The configuration part makes use of modern compiler features and
     still retains old compiler behavior for those that run older versions
     of the OS.  The shared library support part includes a variant that
     uses the RPATH feature, and is available through the special
     configuration target "alpha-cc-rpath", which will never be selected
     automatically.
     [Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu> via Richard Levitte]

  *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
     with the same message size as in ssl3_get_certificate_request().
     Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
     messages might inadvertently be rejected as too long.
     [Petr Lampa <lampa@fee.vutbr.cz>]

  *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX).
     [Andy Polyakov]

  *) Modified SSL library such that the verify_callback that has been set
     specifically for an SSL object with SSL_set_verify() is actually being
     used. Before the change, a verify_callback set with this function was
     ignored and the verify_callback() set in the SSL_CTX at the time of
     the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
     to allow the necessary settings.
     [Lutz Jaenicke]

  *) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
     explicitly to NULL, as at least on Solaris 8 this seems not always to be
     done automatically (in contradiction to the requirements of the C
     standard). This made problems when used from OpenSSH.
     [Lutz Jaenicke]

  *) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
     dh->length and always used

          BN_rand_range(priv_key, dh->p).

     BN_rand_range() is not necessary for Diffie-Hellman, and this
     specific range makes Diffie-Hellman unnecessarily inefficient if
     dh->length (recommended exponent length) is much smaller than the
     length of dh->p.  We could use BN_rand_range() if the order of
     the subgroup was stored in the DH structure, but we only have
     dh->length.

     So switch back to

          BN_rand(priv_key, l, ...)

     where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
     otherwise.
     [Bodo Moeller]

  *) In

          RSA_eay_public_encrypt
          RSA_eay_private_decrypt
          RSA_eay_private_encrypt (signing)
          RSA_eay_public_decrypt (signature verification)

     (default implementations for RSA_public_encrypt,
     RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt),
     always reject numbers >= n.
     [Bodo Moeller]

  *) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
     to synchronize access to 'locking_thread'.  This is necessary on
     systems where access to 'locking_thread' (an 'unsigned long'
     variable) is not atomic.
     [Bodo Moeller]

  *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
     *before* setting the 'crypto_lock_rand' flag.  The previous code had
     a race condition if 0 is a valid thread ID.
     [Travis Vitek <vitek@roguewave.com>]

  *) Add support for shared libraries under Irix.
     [Albert Chin-A-Young <china@thewrittenword.com>]

  *) Add configuration option to build on Linux on both big-endian and
     little-endian MIPS.
     [Ralf Baechle <ralf@uni-koblenz.de>]

  *) Add the possibility to create shared libraries on HP-UX.
     [Richard Levitte]

 Changes between 0.9.6a and 0.9.6b  [9 Jul 2001]

  *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
     to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
     Markku-Juhani O. Saarinen <markku-juhani.saarinen@nokia.com>:
     PRNG state recovery was possible based on the output of
     one PRNG request appropriately sized to gain knowledge on
     'md' followed by enough consecutive 1-byte PRNG requests
     to traverse all of 'state'.

     1. When updating 'md_local' (the current thread's copy of 'md')
        during PRNG output generation, hash all of the previous
        'md_local' value, not just the half used for PRNG output.

     2. Make the number of bytes from 'state' included into the hash
        independent from the number of PRNG bytes requested.

     The first measure alone would be sufficient to avoid
     Markku-Juhani's attack.  (Actually it had never occurred
     to me that the half of 'md_local' used for chaining was the
     half from which PRNG output bytes were taken -- I had always
     assumed that the secret half would be used.)  The second
     measure makes sure that additional data from 'state' is never
     mixed into 'md_local' in small portions; this heuristically
     further strengthens the PRNG.
     [Bodo Moeller]

  *) Fix crypto/bn/asm/mips3.s.
     [Andy Polyakov]

  *) When only the key is given to "enc", the IV is undefined. Print out
     an error message in this case.
     [Lutz Jaenicke]

  *) Handle special case when X509_NAME is empty in X509 printing routines.
     [Steve Henson]

  *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
     positive and less than q.
     [Bodo Moeller]

  *) Don't change *pointer in CRYPTO_add_lock() if add_lock_callback is
     used: it isn't thread safe and the add_lock_callback should handle
     that itself.
     [Paul Rose <Paul.Rose@bridge.com>]

  *) Verify that incoming data obeys the block size in
     ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
     [Bodo Moeller]

  *) Fix OAEP check.
     [Ulf Möller, Bodo Möller]

  *) The countermeasure against Bleichenbacher's attack on PKCS #1 v1.5
     RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
     when fixing the server behaviour for backwards-compatible 'client
     hello' messages.  (Note that the attack is impractical against
     SSL 3.0 and TLS 1.0 anyway because length and version checking
     means that the probability of guessing a valid ciphertext is
     around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
     paper.)

     Before 0.9.5, the countermeasure (hide the error by generating a
     random 'decryption result') did not work properly because
     ERR_clear_error() was missing, meaning that SSL_get_error() would
     detect the supposedly ignored error.

     Both problems are now fixed.
     [Bodo Moeller]

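The countermeasure named in the entry above (hide the padding error by generating a random 'decryption result') as an added example, not the s3_srvr.c code: unwrap_premaster() takes the RSA-decrypted PKCS #1 v1.5 block and, when its structure is wrong, hands back a premaster drawn from a PRNG instead of an error, and records no error state anywhere, which is the role ERR_clear_error() plays in the entry. The PRNG (toy_rand_bytes, an LCG) and the block built in run_demo() are constructed for this example and stand in for RAND_bytes() and a real ClientKeyExchange.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example, not OpenSSL code. Models the server-side handling
 * of the RSA-decrypted ClientKeyExchange: the PKCS #1 v1.5 block
 *   0x00 0x02 <at least 8 nonzero pad bytes> 0x00 <48-byte premaster>
 * is unpadded, and if the structure is wrong the server silently uses a
 * random premaster instead of signalling the failure. */

#define PMS_LEN 48

static uint32_t prng_state = 0x2545F491u;          /* constructed toy PRNG */
static void toy_rand_bytes(uint8_t *out, size_t n) {
    for (size_t i = 0; i < n; i++) {
        prng_state = prng_state * 1664525u + 1013904223u;
        out[i] = (uint8_t)(prng_state >> 24);
    }
}

/* Unpad a decrypted block of 'len' bytes into pms[]. Always returns 0: a
 * malformed block yields a random premaster and nothing is recorded in any
 * error queue, so the caller (and anyone observing it) sees the same
 * outcome either way. The handshake then fails later at the Finished
 * check, which depends on the premaster and says nothing about padding. */
int unwrap_premaster(const uint8_t *block, size_t len, uint8_t pms[PMS_LEN]) {
    int ok = (len >= PMS_LEN + 11);          /* 2 header + 8 pad + separator */
    size_t sep = 0;
    if (ok) {
        ok &= (block[0] == 0x00) & (block[1] == 0x02);
        /* Find the zero separator; the loop visits every byte so the
         * position of the first zero does not shorten the walk. */
        for (size_t i = 2; i < len; i++)
            if (block[i] == 0x00 && sep == 0) sep = i;
        ok &= (sep >= 10) && (len - sep - 1 == PMS_LEN);
    }
    uint8_t random_pms[PMS_LEN];
    toy_rand_bytes(random_pms, PMS_LEN);     /* drawn unconditionally */
    if (ok)
        memcpy(pms, block + sep + 1, PMS_LEN);
    else
        memcpy(pms, random_pms, PMS_LEN);    /* the random 'decryption result' */
    return 0;                                /* never distinguishes the cases */
}

/* Demonstration: a well-formed block and a malformed copy (wrong block
 * type) both return 0; only the well-formed one yields the embedded secret.
 * Returns the number of expectations met (3 when all behaves as described). */
int run_demo(void) {
    uint8_t block[2 + 8 + 1 + PMS_LEN];
    uint8_t secret[PMS_LEN], pms[PMS_LEN];
    int met = 0;
    for (int i = 0; i < PMS_LEN; i++) secret[i] = (uint8_t)(0xA0 + i);
    block[0] = 0x00; block[1] = 0x02;
    memset(block + 2, 0x7f, 8);              /* nonzero padding bytes */
    block[10] = 0x00;                        /* separator */
    memcpy(block + 11, secret, PMS_LEN);
    met += (unwrap_premaster(block, sizeof block, pms) == 0 &&
            memcmp(pms, secret, PMS_LEN) == 0);
    block[1] = 0x01;                         /* malformed: wrong block type */
    met += (unwrap_premaster(block, sizeof block, pms) == 0);
    met += (memcmp(pms, secret, PMS_LEN) != 0);  /* random, not the real bytes */
    return met;
}

int main(void) {
    printf("%d of 3 expectations met\n", run_demo());
    return 0;
}
```

The branch on 'ok' when copying is still data dependent; implementations that also defend against timing measurement replace it with a constant-time select, a refinement outside this entry.
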
  *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
     (previously it was 1024).
     [Bodo Moeller]

  *) Fix for compatibility mode trust settings: ignore trust settings
     unless some valid trust or reject settings are present.
     [Steve Henson]

  *) Fix for blowfish EVP: it's a variable length cipher.
     [Steve Henson]

  *) Fix various bugs related to DSA S/MIME verification. Handle missing
     parameters in DSA public key structures and return an error in the
     DSA routines if parameters are absent.
     [Steve Henson]

  *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
     in the current directory if neither $RANDFILE nor $HOME was set.
     RAND_file_name() in 0.9.6a returned NULL in this case.  This has
     caused some confusion to Windows users who haven't defined $HOME.
     Thus RAND_file_name() is changed again: e_os.h can define a
     DEFAULT_HOME, which will be used if $HOME is not set.
     For Windows, we use "C:"; on other platforms, we still require
     environment variables.

  *) Move 'if (!initialized) RAND_poll()' into regions protected by
     CRYPTO_LOCK_RAND.  This is not strictly necessary, but avoids
     having multiple threads call RAND_poll() concurrently.
     [Bodo Moeller]

  *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
     combination of a flag and a thread ID variable.
     Otherwise while one thread is in ssleay_rand_bytes (which sets the
     flag), *other* threads can enter ssleay_add_bytes without obeying
     the CRYPTO_LOCK_RAND lock (and may even illegally release the lock
     that they do not hold after the first thread unsets add_do_not_lock).
     [Bodo Moeller]

  *) Change bctest again: '-x' expressions are not available in all
     versions of 'test'.
     [Bodo Moeller]

 Changes between 0.9.6 and 0.9.6a  [5 Apr 2001]

  *) Fix a couple of memory leaks in PKCS7_dataDecode()
     [Steve Henson, reported by Heyun Zheng <hzheng@atdsprint.com>]

  *) Change Configure and Makefiles to provide EXE_EXT, which will contain
     the default extension for executables, if any.  Also, make the perl
     scripts that use symlink() to test if it really exists and use "cp"
     if it doesn't.  All this made OpenSSL compilable and installable in
     CygWin.
     [Richard Levitte]

  *) Fix for asn1_GetSequence() for indefinite length constructed data.
     If SEQUENCE length is indefinite just set c->slen to the total
     amount of data available.
     [Steve Henson, reported by shige@FreeBSD.org]
     [This change does not apply to 0.9.7.]

  *) Change bctest to avoid here-documents inside command substitution
     (workaround for FreeBSD /bin/sh bug).
     For compatibility with Ultrix, avoid shell functions (introduced
     in the bctest version that searches along $PATH).
     [Bodo Moeller]

  *) Rename 'des_encrypt' to 'des_encrypt1'.  This avoids the clashes
     with des_encrypt() defined on some operating systems, like Solaris
     and UnixWare.
     [Richard Levitte]

  *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
     On the Importance of Eliminating Errors in Cryptographic
     Computations, J. Cryptology 14 (2001) 2, 101-119,
     http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
     [Ulf Moeller]

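An added C example, not OpenSSL's rsa_eay.c code, covering the RSA-CRT result check in the entry above together with the 'always reject numbers >= n' rule from the RSA_eay_* entry earlier in this file. It signs with the Chinese remainder theorem using textbook toy parameters (p=61, q=53, n=3233, e=17, d=2753, chosen for the example so every product fits in uint64_t), verifies the result with the public exponent before returning it, and can inject a constructed fault into one CRT half to show the check withholding the bad signature, the failure mode the cited Boneh, DeMillo and Lipton paper analyses.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy RSA, not OpenSSL code. Textbook parameters chosen for the
 * example so every intermediate product fits in uint64_t. */
static const uint64_t P = 61, Q = 53, N = 3233, E = 17, D = 2753;

/* Square-and-multiply; operands are < 2^32 so the products cannot overflow. */
uint64_t modexp(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1;
    b %= m;
    while (e) {
        if (e & 1) r = r * b % m;
        b = b * b % m;
        e >>= 1;
    }
    return r;
}

/* Extended Euclid inverse of a modulo m (both small here). */
static uint64_t modinv(uint64_t a, uint64_t m) {
    int64_t t = 0, nt = 1, r = (int64_t)m, nr = (int64_t)(a % m);
    while (nr) {
        int64_t q = r / nr, tmp;
        tmp = t - q * nt; t = nt; nt = tmp;
        tmp = r - q * nr; r = nr; nr = tmp;
    }
    return (uint64_t)(t < 0 ? t + (int64_t)m : t);
}

/* RSA signing via the Chinese remainder theorem with the checks from the
 * CHANGES entries: inputs >= n are refused before any arithmetic, and the
 * result is verified with the public exponent before it is released.
 * 'inject_fault' perturbs the mod-p half to model a transient computation
 * error (the scenario analysed by Boneh, DeMillo and Lipton).
 * Returns the signature (>= 0), -1 for an out-of-range input, or -2 when
 * the result fails verification and is therefore withheld. */
int64_t rsa_crt_sign_checked(uint64_t msg, int inject_fault) {
    if (msg >= N)
        return -1;

    uint64_t dp = D % (P - 1), dq = D % (Q - 1), qinv = modinv(Q, P);
    uint64_t sp = modexp(msg, dp, P);       /* msg^d mod p */
    uint64_t sq = modexp(msg, dq, Q);       /* msg^d mod q */
    if (inject_fault)
        sp = (sp + 1) % P;                  /* constructed fault in one half */

    /* Garner recombination: s = sq + q * (qinv * (sp - sq) mod p). */
    uint64_t h = qinv * ((sp + P - sq % P) % P) % P;
    uint64_t s = sq + Q * h;

    /* Verify before release: a faulty half-signature must never leave here. */
    if (modexp(s, E, N) != msg)
        return -2;
    return (int64_t)s;
}

int main(void) {
    printf("sign(65)            = %lld\n", (long long)rsa_crt_sign_checked(65, 0));
    printf("sign(65) with fault = %lld\n", (long long)rsa_crt_sign_checked(65, 1));
    printf("sign(3233) (>= n)   = %lld\n", (long long)rsa_crt_sign_checked(3233, 0));
    return 0;
}
```

For the toy key, sign(65) is 588, which modexp(588, 17, 3233) maps back to 65; with the fault injected the recombined value no longer verifies and the function returns -2 instead of the corrupted signature. The public-exponent check costs one extra exponentiation with a small e, which is why it is an acceptable price for never emitting a faulty result.
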
  *) MIPS assembler BIGNUM division bug fix.
     [Andy Polyakov]

  *) Disabled incorrect Alpha assembler code.
     [Richard Levitte]

  *) Fix PKCS#7 decode routines so they correctly update the length
     after reading an EOC for the EXPLICIT tag.
     [Steve Henson]
     [This change does not apply to 0.9.7.]

  *) Fix bug in PKCS#12 key generation routines. This was triggered
     if a 3DES key was generated with a 0 initial byte. Include
     PKCS12_BROKEN_KEYGEN compilation option to retain the old
     (but broken) behaviour.
     [Steve Henson]

  *) Enhance bctest to search for a working bc along $PATH and print
     it when found.
     [Tim Rice <tim@multitalents.net> via Richard Levitte]

  *) Fix memory leaks in err.c: free err_data string if necessary;
     don't write to the wrong index in ERR_set_error_data.
     [Bodo Moeller]

  *) Implement ssl23_peek (analogous to ssl23_read), which previously
     did not exist.
     [Bodo Moeller]

  *) Replace rdtsc with _emit statements for VC++ version 5.
| 6676 | [Jere my Cooper <jeremy@ba ymoo.org>] | 3774 | [Jere my Cooper <jeremy@ba ymoo.org>] | |||
| 6677 | 3775 | |||||
| 6678 | *) Make it possibl e to reuse SSLv2 ses sions. | 3776 | *) Make it possibl e to reuse SSLv2 ses sions. | |||
| 6679 | [Rich ard Levitt e] | 3777 | [Rich ard Levitt e] | |||
| 6680 | 3778 | |||||
| 6681 | *) In co py_email() check for >= 0 as a return va lue for | 3779 | *) In co py_email() check for >= 0 as a return va lue for | |||
| 6682 | X509_ NAME_get_i ndex_by_NI D() since 0 is a val id index. | 3780 | X509_ NAME_get_i ndex_by_NI D() since 0 is a val id index. | |||
| 6683 | [Stev e Henson r eported by Massimili ano Pala < madwolf@op ensca.org> ] | 3781 | [Stev e Henson r eported by Massimili ano Pala < madwolf@op ensca.org> ] | |||
| 6684 | 3782 | |||||
| 6685 | *) Avoid coredump with unsup ported or invalid pu blic keys by checkin g if | 3783 | *) Avoid coredump with unsup ported or invalid pu blic keys by checkin g if | |||
| 6686 | X509_ get_pubkey () fails i n PKCS7_ve rify(). Fi x memory l eak when | 3784 | X509_ get_pubkey () fails i n PKCS7_ve rify(). Fi x memory l eak when | |||
| 6687 | PKCS7 _verify() fails with non detac hed data. | 3785 | PKCS7 _verify() fails with non detac hed data. | |||
| 6688 | [Stev e Henson] | 3786 | [Stev e Henson] | |||
| 6689 | 3787 | |||||
| 6690 | *) Don't use geten v in libra ry functio ns when ru n as setui d/setgid. | 3788 | *) Don't use geten v in libra ry functio ns when ru n as setui d/setgid. | |||
| 6691 | New f unction OP ENSSL_isse tugid(). | 3789 | New f unction OP ENSSL_isse tugid(). | |||
| 6692 | [Ulf Moeller] | 3790 | [Ulf Moeller] | |||
| 6693 | 3791 | |||||
| 6694 | *) Avoid false pos itives in memory lea k detectio n code (cr ypto/mem_d bg.c) | 3792 | *) Avoid false pos itives in memory lea k detectio n code (cr ypto/mem_d bg.c) | |||
| 6695 | due t o incorrec t handling of multi- threading: | 3793 | due t o incorrec t handling of multi- threading: | |||
| 6696 | 3794 | |||||
| 6697 | 1. Fi x timing g litch in t he MemChec k_off() po rtion of C RYPTO_mem_ ctrl(). | 3795 | 1. Fi x timing g litch in t he MemChec k_off() po rtion of C RYPTO_mem_ ctrl(). | |||
| 6698 | 3796 | |||||
| 6699 | 2. Fi x logical glitch in is_MemChec k_on() aka CRYPTO_is _mem_check _on(). | 3797 | 2. Fi x logical glitch in is_MemChec k_on() aka CRYPTO_is _mem_check _on(). | |||
| 6700 | 3798 | |||||
| 6701 | 3. Co unt how ma ny times M emCheck_of f() has be en called so that | 3799 | 3. Co unt how ma ny times M emCheck_of f() has be en called so that | |||
| 6702 | ne sted use c an be trea ted correc tly. This also avoi ds | 3800 | ne sted use c an be trea ted correc tly. This also avoi ds | |||
| 6703 | in band-signa lling in t he previou s code (wh ich relied on the | 3801 | in band-signa lling in t he previou s code (wh ich relied on the | |||
| 6704 | as sumption t hat thread ID 0 is i mpossible) . | 3802 | as sumption t hat thread ID 0 is i mpossible) . | |||
| 6705 | [Bodo Moeller] | 3803 | [Bodo Moeller] | |||
| 6706 | 3804 | |||||
| 6707 | *) Add " -rand" opt ion also t o s_client and s_ser ver. | 3805 | *) Add " -rand" opt ion also t o s_client and s_ser ver. | |||
| 6708 | [Lutz Jaenicke] | 3806 | [Lutz Jaenicke] | |||
| 6709 | 3807 | |||||
| 6710 | *) Fix C PU detecti on on Irix 6.x. | 3808 | *) Fix C PU detecti on on Irix 6.x. | |||
| 6711 | [Kurt Hockenbur y <khocken b@stevens- tech.edu> and | 3809 | [Kurt Hockenbur y <khocken b@stevens- tech.edu> and | |||
| 6712 | "Bru ce W. Fors berg" <bru ce.forsber g@baesyste ms.com>] | 3810 | "Bru ce W. Fors berg" <bru ce.forsber g@baesyste ms.com>] | |||
| 6713 | 3811 | |||||
| 6714 | *) Fix X 509_NAME b ug which p roduced in correct en coding if X509_NAME | 3812 | *) Fix X 509_NAME b ug which p roduced in correct en coding if X509_NAME | |||
| 6715 | was e mpty. | 3813 | was e mpty. | |||
| 6716 | [Stev e Henson] | 3814 | [Stev e Henson] | |||
| 6717 | [This change do es not app ly to 0.9. 7.] | 3815 | [This change do es not app ly to 0.9. 7.] | |||
| 6718 | 3816 | |||||
| 6719 | *) Use t he cached encoding o f an X509_ NAME struc ture rathe r than | 3817 | *) Use t he cached encoding o f an X509_ NAME struc ture rathe r than | |||
| 6720 | copyi ng it. Thi s is appar ently the reason for the libsa fe "errors " | 3818 | copyi ng it. Thi s is appar ently the reason for the libsa fe "errors " | |||
| 6721 | but t he code is actually correct. | 3819 | but t he code is actually correct. | |||
| 6722 | [Stev e Henson] | 3820 | [Stev e Henson] | |||
| 6723 | 3821 | |||||
| 6724 | *) Add n ew functio n BN_rand_ range(), a nd fix DSA _sign_setu p() to pre vent | 3822 | *) Add n ew functio n BN_rand_ range(), a nd fix DSA _sign_setu p() to pre vent | |||
| 6725 | Bleic henbacher' s DSA atta ck. | 3823 | Bleic henbacher' s DSA atta ck. | |||
| 6726 | Exten d BN_[pseu do_]rand: As before, top=1 for ces the hi ghest two bits | 3824 | Exten d BN_[pseu do_]rand: As before, top=1 for ces the hi ghest two bits | |||
| 6727 | to be set and t op=0 force s the high est bit to be set; t op=-1 is n ew | 3825 | to be set and t op=0 force s the high est bit to be set; t op=-1 is n ew | |||
| 6728 | and l eaves the highest bi t random. | 3826 | and l eaves the highest bi t random. | |||
| 6729 | [Ulf Moeller, B odo Moelle r] | 3827 | [Ulf Moeller, B odo Moelle r] | |||

  *) In the NCONF_...-based implementations for CONF_... queries
     (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
     a temporary CONF structure with the data component set to NULL
     (which gives segmentation faults in lh_retrieve).
     Instead, use NULL for the CONF pointer in CONF_get_string and
     CONF_get_number (which may use environment variables) and directly
     return NULL from CONF_get_section.
     [Bodo Moeller]

  *) Fix potential buffer overrun for EBCDIC.
     [Ulf Moeller]

  *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
     keyUsage if basicConstraints absent for a CA.
     [Steve Henson]

  *) Make SMIME_write_PKCS7() write mail header values with a format that
     is more generally accepted (no spaces before the semicolon), since
     some programs can't parse those values properly otherwise.  Also make
     sure BIO's that break lines after each write do not create invalid
     headers.
     [Richard Levitte]

  *) Make the CRL encoding routines work with empty SEQUENCE OF. The
     macros previously used would not encode an empty SEQUENCE OF
     and break the signature.
     [Steve Henson]
     [This change does not apply to 0.9.7.]

  *) Zero the premaster secret after deriving the master secret in
     DH ciphersuites.
     [Steve Henson]

  *) Add some EVP_add_digest_alias registrations (as found in
     OpenSSL_add_all_digests()) to SSL_library_init()
     aka OpenSSL_add_ssl_algorithms().  This provides improved
     compatibility with peers using X.509 certificates
     with unconventional AlgorithmIdentifier OIDs.
     [Bodo Moeller]

  *) Fix for Irix with NO_ASM.
     ["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]

  *) ./config script fixes.
     [Ulf Moeller, Richard Levitte]

  *) Fix 'openssl passwd -1'.
     [Bodo Moeller]

  *) Change PKCS12_key_gen_asc() so it can cope with non null
     terminated strings whose length is passed in the passlen
     parameter, for example from PEM callbacks. This was done
     by adding an extra length parameter to asc2uni().
     [Steve Henson, reported by <oddissey@samsung.co.kr>]

  *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
     call failed, free the DSA structure.
     [Bodo Moeller]

  *) Fix to uni2asc() to cope with zero length Unicode strings.
     These are present in some PKCS#12 files.
     [Steve Henson]

  *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
     Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
     when writing a 32767 byte record.
     [Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]

  *) In RSA_eay_public_{en,de}crypt and RSA_eay_mod_exp (rsa_eay.c),
     obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}.

     (RSA objects have a reference count access to which is protected
     by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
     so they are meant to be shared between threads.)
     [Bodo Moeller, Geoff Thorpe; original patch submitted by
     "Reddie, Steven" <Steven.Reddie@ca.com>]

  *) Fix a deadlock in CRYPTO_mem_leaks().
     [Bodo Moeller]

  *) Use better test patterns in bntest.
     [Ulf Möller]

  *) rand_win.c fix for Borland C.
     [Ulf Möller]

  *) BN_rshift bugfix for n == 0.
     [Bodo Moeller]

  *) Add a 'bctest' script that checks for some known 'bc' bugs
     so that 'make test' does not abort just because 'bc' is broken.
     [Bodo Moeller]

  *) Store verify_result within SSL_SESSION also for client side to
     avoid potential security hole. (Re-used sessions on the client side
     always resulted in verify_result==X509_V_OK, not using the original
     result of the server certificate verification.)
     [Lutz Jaenicke]

  *) Fix ssl3_pending: If the record in s->s3->rrec is not of type
     SSL3_RT_APPLICATION_DATA, return 0.
     Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true.
     [Bodo Moeller]

  *) Fix SSL_peek:
     Both ssl2_peek and ssl3_peek, which were totally broken in earlier
     releases, have been re-implemented by renaming the previous
     implementations of ssl2_read and ssl3_read to ssl2_read_internal
     and ssl3_read_internal, respectively, and adding 'peek' parameters
     to them.  The new ssl[23]_{read,peek} functions are calls to
     ssl[23]_read_internal with the 'peek' flag set appropriately.
     A 'peek' parameter has also been added to ssl3_read_bytes, which
     does the actual work for ssl3_read_internal.
     [Bodo Moeller]

  *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
     the method-specific "init()" handler. Also clean up ex_data after
     calling the method-specific "finish()" handler. Previously, this was
     happening the other way round.
     [Geoff Thorpe]

  *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16.
     The previous value, 12, was not always sufficient for BN_mod_exp().
     [Bodo Moeller]

  *) Make sure that shared libraries get the internal name engine with
     the full version number and not just 0.  This should mark the
     shared libraries as not backward compatible.  Of course, this should
     be changed again when we can guarantee backward binary compatibility.
     [Richard Levitte]

  *) Fix typo in get_cert_by_subject() in by_dir.c
     [Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>]

  *) Rework the system to generate shared libraries:

     - Make note of the expected extension for the shared libraries and
       if there is a need for symbolic links from for example libcrypto.so.0
       to libcrypto.so.0.9.7.  There is extended info in Configure for
       that.

     - Make as few rebuilds of the shared libraries as possible.

     - Still avoid linking the OpenSSL programs with the shared libraries.

     - When installing, install the shared libraries separately from the
       static ones.
     [Richard Levitte]

  *) Fix SSL_CTX_set_read_ahead macro to actually use its argument.

     Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
     and not in SSL_clear because the latter is also used by the
     accept/connect functions; previously, the settings made by
     SSL_set_read_ahead would be lost during the handshake.
     [Bodo Moeller; problems reported by Anders Gertz <gertz@epact.se>]

  *) Correct util/mkdef.pl to be selective about disabled algorithms.
     Previously, it would create entries for disabled algorithms no
     matter what.
     [Richard Levitte]

  *) Added several new manual pages for SSL_* functions.
     [Lutz Jaenicke]

 Changes between 0.9.5a and 0.9.6  [24 Sep 2000]

  *) In ssl23_get_client_hello, generate an error message when faced
     with an initial SSL 3.0/TLS record that is too small to contain the
     first two bytes of the ClientHello message, i.e. client_version.
     (Note that this is a pathological case that probably has never happened
     in real life.)  The previous approach was to use the version number
     from the record header as a substitute; but our protocol choice
     should not depend on that one because it is not authenticated
     by the Finished messages.
     [Bodo Moeller]
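     The version decision the ssl23_get_client_hello entry above describes,
     as an added example in Python.  This is not OpenSSL code: it parses
     the 5-byte record header and the 4-byte handshake header of the
     first record from the client, takes the protocol version only from
     the ClientHello body, and turns a record too short to hold
     client_version into an error rather than falling back to the
     unauthenticated record-layer version.  The record builder and all
     names are constructed for the example; the records it produces are
     not complete ClientHellos.

```python
"""Version selection from an initial SSL 3.0/TLS record, modelling the
ssl23_get_client_hello() check.  Added example, not OpenSSL code."""
import struct

SSL3_RT_HANDSHAKE = 0x16
SSL3_MT_CLIENT_HELLO = 0x01


class RecordTooSmall(ValueError):
    """Record cannot hold handshake header plus client_version."""


def client_version_from_record(data):
    """Return (major, minor) from the ClientHello body of the first record,
    or raise.  The record-layer version is never used as a substitute: it
    is not covered by the Finished MACs, so a downgrade through it would
    go unnoticed."""
    if len(data) < 5:
        raise ValueError("need the 5-byte record header")
    ctype, rec_major, rec_minor, rec_len = struct.unpack("!BBBH", data[:5])
    if ctype != SSL3_RT_HANDSHAKE or rec_major != 3:
        raise ValueError("not an SSL 3.0/TLS handshake record")
    # Handshake header is 4 bytes; client_version is the next 2.
    if rec_len < 6:
        # The pre-fix behaviour substituted (rec_major, rec_minor) here.
        raise RecordTooSmall("record too small to hold client_version")
    if len(data) < 11:
        raise ValueError("short read; need 11 bytes to decide")
    if data[5] != SSL3_MT_CLIENT_HELLO:
        raise ValueError("first handshake message is not ClientHello")
    return data[9], data[10]


def record_too_small(data):
    """True only when the input is rejected for the too-small reason."""
    try:
        client_version_from_record(data)
    except RecordTooSmall:
        return True
    except ValueError:
        return False
    return False


def build_record(rec_version, client_version, body=b"\x00" * 32):
    """Constructed test record: record header, ClientHello handshake header,
    client_version and filler.  Not a valid, complete ClientHello."""
    hs_body = bytes(client_version) + body
    hs = bytes([SSL3_MT_CLIENT_HELLO]) + len(hs_body).to_bytes(3, "big") + hs_body
    return struct.pack("!BBBH", SSL3_RT_HANDSHAKE, *rec_version, len(hs)) + hs
```

     A record whose header says TLS 1.0 but whose ClientHello says
     SSL 3.0 yields (3, 0), and vice versa: only the handshake-layer field
     decides.  The degenerate two-byte record is reported as an error and
     nothing is inferred from it.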

  *) More robust randomness gathering functions for Windows.
     [Jeffrey Altman <jaltman@columbia.edu>]

  *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
     not set then we don't set up the error code for issuer check errors
     to avoid possibly overwriting other errors which the callback does
     handle. If an application does set the flag then we assume it knows
     what it is doing and can handle the new informational codes
     appropriately.
     [Steve Henson]

  *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
     a general "ANY" type, as such it should be able to decode anything
     including tagged types. However it didn't check the class so it would
     wrongly interpret tagged types in the same way as their universal
     counterpart and unknown types were just rejected. Changed so that the
     tagged and unknown types are handled in the same way as a SEQUENCE:
     that is the encoding is stored intact. There is also a new type
     "V_ASN1_OTHER" which is used when the class is not universal, in this
     case we have no idea what the actual type is so we just lump them all
     together.
     [Steve Henson]
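     The ASN1_TYPE fix above, illustrated with a small DER "ANY" decoder as
     an added example.  This is not OpenSSL code: it reads one TLV, decodes
     only universal primitive types it knows, keeps SEQUENCE, unknown
     universal types and every non-universal class as the intact encoding
     (the role V_ASN1_OTHER plays), and, for contrast, includes a decoder
     that ignores the class bits the way the old code did.  The test
     inputs are constructed byte strings; the names are made up.

```python
"""Minimal DER 'ANY' decoder: the class bits of the identifier octet
decide whether the content may be interpreted.  Added example, not
OpenSSL code."""

UNIVERSAL, APPLICATION, CONTEXT_SPECIFIC, PRIVATE = 0, 1, 2, 3
BOOLEAN, INTEGER, OCTET_STRING, NULL, SEQUENCE = 1, 2, 4, 5, 16


def read_tlv(der, pos=0):
    """Return (cls, constructed, tag, content, end) for one definite-length
    TLV at der[pos:].  Raises ValueError on truncated, indefinite or
    non-minimal encodings."""
    if pos >= len(der):
        raise ValueError("empty input")
    ident = der[pos]
    pos += 1
    cls, constructed, tag = ident >> 6, bool(ident & 0x20), ident & 0x1F
    if tag == 0x1F:  # high-tag-number form: base-128 continuation bytes
        tag = 0
        while True:
            if pos >= len(der):
                raise ValueError("truncated tag")
            b = der[pos]
            pos += 1
            tag = (tag << 7) | (b & 0x7F)
            if not b & 0x80:
                break
    if pos >= len(der):
        raise ValueError("truncated length")
    first = der[pos]
    pos += 1
    if first < 0x80:
        length = first
    elif first == 0x80:
        raise ValueError("indefinite length not allowed in DER")
    else:
        nbytes = first & 0x7F
        if pos + nbytes > len(der):
            raise ValueError("truncated length")
        length = int.from_bytes(der[pos:pos + nbytes], "big")
        pos += nbytes
        if length < 0x80:
            raise ValueError("non-minimal length encoding")
    end = pos + length
    if end > len(der):
        raise ValueError("truncated content")
    return cls, constructed, tag, der[pos:end], end


def decode_any_fixed(der):
    """Post-fix behaviour: interpret only universal primitives we know;
    store everything else as its intact encoding."""
    cls, constructed, tag, content, end = read_tlv(der)
    raw = der[:end]
    if cls != UNIVERSAL:
        return ("OTHER", raw)          # V_ASN1_OTHER: class is not universal
    if tag == INTEGER and not constructed:
        return ("INTEGER", int.from_bytes(content, "big", signed=True))
    if tag == BOOLEAN and not constructed:
        if len(content) != 1:
            raise ValueError("bad BOOLEAN length")
        return ("BOOLEAN", content[0] != 0)
    if tag == OCTET_STRING and not constructed:
        return ("OCTET STRING", content)
    if tag == NULL:
        if content:
            raise ValueError("NULL with content")
        return ("NULL", None)
    if tag == SEQUENCE:
        return ("SEQUENCE", raw)
    return ("UNKNOWN", raw)            # universal type we don't handle: kept intact


def decode_any_buggy(der):
    """Models the pre-fix behaviour: class bits ignored, so a context-
    specific [2] is mistaken for a universal INTEGER, and anything else
    is rejected."""
    cls, constructed, tag, content, end = read_tlv(der)
    if tag == INTEGER:
        return ("INTEGER", int.from_bytes(content, "big", signed=True))
    raise ValueError("unknown type rejected")


def is_valid_der(der):
    """True if der is exactly one well-formed definite-length TLV."""
    try:
        return read_tlv(der)[4] == len(der)
    except ValueError:
        return False
```

     The byte 0x82 is class 2 (context-specific), tag number 2: the old
     decoder saw only the tag number and read it as INTEGER, the fixed one
     keeps the three bytes as OTHER for the caller to interpret in context.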

  *) On VMS, stdout may very well lead to a file that is written to
     in a record-oriented fashion.  That means that every write() will
     write a separate record, which will be read separately by the
     programs trying to read from it.  This can be very confusing.

     The solution is to put a BIO filter in the way that will buffer
     text until a linefeed is reached, and then write everything a
     line at a time, so every record written will be an actual line,
     not chunks of lines and not (usually doesn't happen, but I've
     seen it once) several lines in one record.  BIO_f_linebuffer() is
     the answer.

     Currently, it's a VMS-only method, because that's where it has
     been tested well enough.
     [Richard Levitte]

  *) Remove 'optimized' squaring variant in BN_mod_mul_montgomery,
     it can return incorrect results.
     (Note: The buggy variant was not enabled in OpenSSL 0.9.5a,
     but it was in 0.9.6-beta[12].)
     [Bodo Moeller]

  *) Disable the check for content being present when verifying detached
     signatures in pk7_smime.c. Some versions of Netscape (wrongly)
     include zero length content when signing messages.
     [Steve Henson]

  *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
     BIO_ctrl (for BIO pairs).
     [Bodo Möller]

  *) Add DSO method for VMS.
     [Richard Levitte]

  *) Bug fix: Montgomery multiplication could produce results with the
     wrong sign.
     [Ulf Möller]

  *) Add RPM specification openssl.spec and modify it to build three
     packages.  The default package contains applications, application
     documentation and run-time libraries.  The devel package contains
     include files, static libraries and function documentation.  The
     doc package contains the contents of the doc directory.  The original
     openssl.spec was provided by Damien Miller <djm@mindrot.org>.
     [Richard Levitte]

  *) Add a large number of documentation files for many SSL routines.
     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>]

  *) Add a configuration entry for Sony News 4.
     [NAKAJI Hiroyuki <nakaji@tutrp.tut.ac.jp>]

  *) Don't set the two most significant bits to one when generating a
| 6984 | rando m number < q in the DSA librar y. | 4082 | rando m number < q in the DSA librar y. | |||
| 6985 | [Ulf Möller] | 4083 | [Ulf Möller] | |||
| 6986 | 4084 | |||||
| 6987 | *) New S SL API mod e 'SSL_MOD E_AUTO_RET RY'. This disables the defaul t | 4085 | *) New S SL API mod e 'SSL_MOD E_AUTO_RET RY'. This disables the defaul t | |||
| 6988 | behav iour that SSL_read m ay result in SSL_ERR OR_WANT_RE AD (even i f | 4086 | behav iour that SSL_read m ay result in SSL_ERR OR_WANT_RE AD (even i f | |||
| 6989 | the u nderlying transport is blockin g) if a ha ndshake to ok place. | 4087 | the u nderlying transport is blockin g) if a ha ndshake to ok place. | |||
| 6990 | (The default be haviour is needed by applicati ons such a s s_client | 4088 | (The default be haviour is needed by applicati ons such a s s_client | |||
| 6991 | and s _server th at use sel ect() to d etermine w hen to use SSL_read; | 4089 | and s _server th at use sel ect() to d etermine w hen to use SSL_read; | |||
| 6992 | but f or applica tions that know in a dvance whe n to expec t data, it | 4090 | but f or applica tions that know in a dvance whe n to expec t data, it | |||
| 6993 | just makes thin gs more co mplicated. ) | 4091 | just makes thin gs more co mplicated. ) | |||
| 6994 | [Bodo Moeller] | 4092 | [Bodo Moeller] | |||
| 6995 | 4093 | |||||
| 6996 | *) Add R AND_egd_by tes(), whi ch gives c ontrol ove r the numb er of byte s read | 4094 | *) Add R AND_egd_by tes(), whi ch gives c ontrol ove r the numb er of byte s read | |||
| 6997 | from EGD. | 4095 | from EGD. | |||
| 6998 | [Ben Laurie] | 4096 | [Ben Laurie] | |||
| 6999 | 4097 | |||||
| 7000 | *) Add a few more EBCDIC con ditionals that make `req' and `x509' | 4098 | *) Add a few more EBCDIC con ditionals that make `req' and `x509' | |||
| 7001 | work better on such syste ms. | 4099 | work better on such syste ms. | |||
| 7002 | [Mart in Kraemer <Martin.K raemer@Mch P.Siemens. De>] | 4100 | [Mart in Kraemer <Martin.K raemer@Mch P.Siemens. De>] | |||
| 7003 | 4101 | |||||
| 7004 | *) Add t wo demo pr ograms for PKCS12_pa rse() and PKCS12_cre ate(). | 4102 | *) Add t wo demo pr ograms for PKCS12_pa rse() and PKCS12_cre ate(). | |||
| 7005 | Updat e PKCS12_p arse() so it copies the friend lyName and the | 4103 | Updat e PKCS12_p arse() so it copies the friend lyName and the | |||
| 7006 | keyid to the ce rtificates aux info. | 4104 | keyid to the ce rtificates aux info. | |||
| 7007 | [Stev e Henson] | 4105 | [Stev e Henson] | |||
| 7008 | 4106 | |||||
| 7009 | *) Fix b ug in PKCS 7_verify() which cau sed an inf inite loop | 4107 | *) Fix b ug in PKCS 7_verify() which cau sed an inf inite loop | |||
| 7010 | if th ere was mo re than on e signatur e. | 4108 | if th ere was mo re than on e signatur e. | |||
| 7011 | [Sven Uszpelkat <su@celoc om.de>] | 4109 | [Sven Uszpelkat <su@celoc om.de>] | |||
| 7012 | 4110 | |||||
| 7013 | *) Major change in util/mkde f.pl to in clude extr a informat ion | 4111 | *) Major change in util/mkde f.pl to in clude extr a informat ion | |||
| 7014 | about each symb ol, as wel l as prese ntig varia bles as we ll | 4112 | about each symb ol, as wel l as prese ntig varia bles as we ll | |||
| 7015 | as fu nctions. This chang e means th at there's n more ne ed | 4113 | as fu nctions. This chang e means th at there's n more ne ed | |||
| 7016 | to re build the .num files when some algorithm s are excl uded. | 4114 | to re build the .num files when some algorithm s are excl uded. | |||
| 7017 | [Rich ard Levitt e] | 4115 | [Rich ard Levitt e] | |||
| 7018 | 4116 | |||||
| 7019 | *) Allow the verif y time to be set by an applica tion, | 4117 | *) Allow the verif y time to be set by an applica tion, | |||
| 7020 | rathe r than alw ays using the curren t time. | 4118 | rathe r than alw ays using the curren t time. | |||
| 7021 | [Stev e Henson] | 4119 | [Stev e Henson] | |||
| 7022 | 4120 | |||||
| 7023 | *) Phase 2 verify code reorg anisation. The certi ficate | 4121 | *) Phase 2 verify code reorg anisation. The certi ficate | |||
| 7024 | verif y code now looks up an issuer certificat e by a | 4122 | verif y code now looks up an issuer certificat e by a | |||
| 7025 | numbe r of crite ria: subje ct name, a uthority k ey id | 4123 | numbe r of crite ria: subje ct name, a uthority k ey id | |||
| 7026 | and k ey usage. It also ve rifies sel f signed c ertificate s | 4124 | and k ey usage. It also ve rifies sel f signed c ertificate s | |||
| 7027 | by th e same cri teria. The main comp arison fun ction is | 4125 | by th e same cri teria. The main comp arison fun ction is | |||
| 7028 | X509_ check_issu ed() which performs these chec ks. | 4126 | X509_ check_issu ed() which performs these chec ks. | |||
| 7029 | 4127 | |||||
| 7030 | Lot o f changes were neces sary in or der to sup port this | 4128 | Lot o f changes were neces sary in or der to sup port this | |||
| 7031 | witho ut complet ely rewrit ing the lo okup code. | 4129 | witho ut complet ely rewrit ing the lo okup code. | |||
| 7032 | 4130 | |||||
| 7033 | Autho rity and s ubject key identifie r are now cached. | 4131 | Autho rity and s ubject key identifie r are now cached. | |||
| 7034 | 4132 | |||||
| 7035 | The L HASH 'cert s' is X509 _STORE has now been replaced | 4133 | The L HASH 'cert s' is X509 _STORE has now been replaced | |||
| 7036 | by a STACK_OF(X 509_OBJECT ). This is mainly be cause an | 4134 | by a STACK_OF(X 509_OBJECT ). This is mainly be cause an | |||
| 7037 | LHASH can't sto re or retr ieve multi ple object s with | 4135 | LHASH can't sto re or retr ieve multi ple object s with | |||
| 7038 | the s ame hash v alue. | 4136 | the s ame hash v alue. | |||
| 7039 | 4137 | |||||
| 7040 | As a result var ious funct ions (whic h were all internal | 4138 | As a result var ious funct ions (whic h were all internal | |||
| 7041 | use o nly) have changed to handle th e new X509 _STORE | 4139 | use o nly) have changed to handle th e new X509 _STORE | |||
| 7042 | struc ture. This will brea k anything that mess ed round | 4140 | struc ture. This will brea k anything that mess ed round | |||
| 7043 | with X509_STORE internall y. | 4141 | with X509_STORE internall y. | |||
| 7044 | 4142 | |||||
| 7045 | The f unctions X 509_STORE_ add_cert() now check s for an | 4143 | The f unctions X 509_STORE_ add_cert() now check s for an | |||
| 7046 | exact match, ra ther than just subje ct name. | 4144 | exact match, ra ther than just subje ct name. | |||
| 7047 | 4145 | |||||
| 7048 | The X 509_STORE API doesn' t directly support t he retriev al | 4146 | The X 509_STORE API doesn' t directly support t he retriev al | |||
| 7049 | of mu ltiple cer tificates matching a given cri teria, how ever | 4147 | of mu ltiple cer tificates matching a given cri teria, how ever | |||
| 7050 | this can be wor ked round by perform ing a look up first | 4148 | this can be wor ked round by perform ing a look up first | |||
| 7051 | (whic h will fil l the cach e with can didate cer tificates) | 4149 | (whic h will fil l the cach e with can didate cer tificates) | |||
| 7052 | and t hen examin ing the ca che for ma tches. Thi s is proba bly | 4150 | and t hen examin ing the ca che for ma tches. Thi s is proba bly | |||
| 7053 | the b est we can do withou t throwing out X509_ LOOKUP | 4151 | the b est we can do withou t throwing out X509_ LOOKUP | |||
| 7054 | entir ely (maybe later...) . | 4152 | entir ely (maybe later...) . | |||
| 7055 | 4153 | |||||
| 7056 | The X 509_VERIFY _CTX struc ture has b een enhanc ed conside rably. | 4154 | The X 509_VERIFY _CTX struc ture has b een enhanc ed conside rably. | |||
| 7057 | 4155 | |||||
| 7058 | All c ertificate lookup op erations n ow go via a get_issu er() | 4156 | All c ertificate lookup op erations n ow go via a get_issu er() | |||
| 7059 | callb ack. Altho ugh this c urrently u ses an X50 9_STORE it | 4157 | callb ack. Altho ugh this c urrently u ses an X50 9_STORE it | |||
| 7060 | can b e replaced by custom lookups. This is a simple way | 4158 | can b e replaced by custom lookups. This is a simple way | |||
| 7061 | to by pass the X 509_STORE hackery ne cessary to make this | 4159 | to by pass the X 509_STORE hackery ne cessary to make this | |||
| 7062 | work and makes it possibl e to use m ore effici ent techni ques | 4160 | work and makes it possibl e to use m ore effici ent techni ques | |||
| 7063 | in fu ture. A ve ry simple version wh ich uses a simple | 4161 | in fu ture. A ve ry simple version wh ich uses a simple | |||
| 7064 | STACK for its t rusted cer tificate s tore is al so provide d | 4162 | STACK for its t rusted cer tificate s tore is al so provide d | |||
| 7065 | using X509_STOR E_CTX_trus ted_stack( ). | 4163 | using X509_STOR E_CTX_trus ted_stack( ). | |||
| 7066 | 4164 | |||||
| 7067 | The v erify_cb() and verif y() callba cks now ha ve equival ents | 4165 | The v erify_cb() and verif y() callba cks now ha ve equival ents | |||
| 7068 | in th e X509_STO RE_CTX str ucture. | 4166 | in th e X509_STO RE_CTX str ucture. | |||
| 7069 | 4167 | |||||
| 7070 | X509_ STORE_CTX also has a 'flags' f ield which can be us ed | 4168 | X509_ STORE_CTX also has a 'flags' f ield which can be us ed | |||
| 7071 | to cu stomise th e verify b ehaviour. | 4169 | to cu stomise th e verify b ehaviour. | |||
| 7072 | [Stev e Henson] | 4170 | [Stev e Henson] | |||
| 7073 | 4171 | |||||
| 7074 | *) Add n ew PKCS#7 signing op tion PKCS7 _NOSMIMECA P which | 4172 | *) Add n ew PKCS#7 signing op tion PKCS7 _NOSMIMECA P which | |||
| 7075 | exclu des S/MIME capabilit ies. | 4173 | exclu des S/MIME capabilit ies. | |||
| 7076 | [Stev e Henson] | 4174 | [Stev e Henson] | |||
| 7077 | 4175 | |||||
| 7078 | *) When a certific ate reques t is read in keep a copy of th e | 4176 | *) When a certific ate reques t is read in keep a copy of th e | |||
| 7079 | origi nal encodi ng of the signed dat a and use it when ou tputing | 4177 | origi nal encodi ng of the signed dat a and use it when ou tputing | |||
| 7080 | again . Signatur es then us e the orig inal encod ing rather than | 4178 | again . Signatur es then us e the orig inal encod ing rather than | |||
| 7081 | a dec oded, enco ded versio n which ma y cause pr oblems if the | 4179 | a dec oded, enco ded versio n which ma y cause pr oblems if the | |||
| 7082 | reque st is impr operly enc oded. | 4180 | reque st is impr operly enc oded. | |||
| 7083 | [Stev e Henson] | 4181 | [Stev e Henson] | |||
| 7084 | 4182 | |||||
| 7085 | *) For c onsistency with othe r BIO_puts implement ations, ca ll | 4183 | *) For c onsistency with othe r BIO_puts implement ations, ca ll | |||
| 7086 | buffe r_write(b, ...) dire ctly in bu ffer_puts instead of calling | 4184 | buffe r_write(b, ...) dire ctly in bu ffer_puts instead of calling | |||
| 7087 | BIO_w rite(b, .. .). | 4185 | BIO_w rite(b, .. .). | |||
| 7088 | 4186 | |||||
| 7089 | In BI O_puts, in crement b- >num_write as in BIO _write. | 4187 | In BI O_puts, in crement b- >num_write as in BIO _write. | |||
| 7090 | [Pete r.Sylveste r@EdelWeb. fr] | 4188 | [Pete r.Sylveste r@EdelWeb. fr] | |||
| 7091 | 4189 | |||||
| 7092 | *) Fix B N_mul_word for the c ase where the word i s 0. (We h ave to use | 4190 | *) Fix B N_mul_word for the c ase where the word i s 0. (We h ave to use | |||
| 7093 | BN_ze ro, we may not retur n a BIGNUM with an a rray consi sting of | 4191 | BN_ze ro, we may not retur n a BIGNUM with an a rray consi sting of | |||
| 7094 | words set to ze ro.) | 4192 | words set to ze ro.) | |||
| 7095 | [Bodo Moeller] | 4193 | [Bodo Moeller] | |||
| 7096 | 4194 | |||||
| 7097 | *) Avoid calling a bort() fro m within t he library when prob lems are | 4195 | *) Avoid calling a bort() fro m within t he library when prob lems are | |||
| 7098 | detec ted, excep t if prepr ocessor sy mbols have been defi ned | 4196 | detec ted, excep t if prepr ocessor sy mbols have been defi ned | |||
| 7099 | (such as REF_CH ECK, BN_DE BUG etc.). | 4197 | (such as REF_CH ECK, BN_DE BUG etc.). | |||
| 7100 | [Bodo Moeller] | 4198 | [Bodo Moeller] | |||
| 7101 | 4199 | |||||
| 7102 | *) New o penssl app lication ' rsautl'. T his utilit y can be | 4200 | *) New o penssl app lication ' rsautl'. T his utilit y can be | |||
| 7103 | used for low le vel RSA op erations. DER public key | 4201 | used for low le vel RSA op erations. DER public key | |||
| 7104 | BIO/f p routines also adde d. | 4202 | BIO/f p routines also adde d. | |||
| 7105 | [Stev e Henson] | 4203 | [Stev e Henson] | |||
| 7106 | 4204 | |||||
| 7107 | *) New C onfigure e ntry and p atches for compiling on QNX 4. | 4205 | *) New C onfigure e ntry and p atches for compiling on QNX 4. | |||
| 7108 | [Andr eas Schnei der <andre as@ds3.ete ch.fh-hamb urg.de>] | 4206 | [Andr eas Schnei der <andre as@ds3.ete ch.fh-hamb urg.de>] | |||
| 7109 | 4207 | |||||
| 7110 | *) A dem o state-ma chine impl ementation was spons ored by | 4208 | *) A dem o state-ma chine impl ementation was spons ored by | |||
| 7111 | Nuron (http://w ww.nuron.c om/) and i s now avai lable in | 4209 | Nuron (http://w ww.nuron.c om/) and i s now avai lable in | |||
| 7112 | demos /state_mac hine. | 4210 | demos /state_mac hine. | |||
| 7113 | [Ben Laurie] | 4211 | [Ben Laurie] | |||
| 7114 | 4212 | |||||
| 7115 | *) New o ptions add ed to the 'dgst' uti lity for s ignature | 4213 | *) New o ptions add ed to the 'dgst' uti lity for s ignature | |||
| 7116 | gener ation and verificati on. | 4214 | gener ation and verificati on. | |||
| 7117 | [Stev e Henson] | 4215 | [Stev e Henson] | |||
| 7118 | 4216 | |||||
| 7119 | *) Unrec ognized PK CS#7 conte nt types a re now han dled via a | 4217 | *) Unrec ognized PK CS#7 conte nt types a re now han dled via a | |||
| 7120 | catch all ASN1_ TYPE struc ture. This allows un supported | 4218 | catch all ASN1_ TYPE struc ture. This allows un supported | |||
| 7121 | types to be sto red as a " blob" and an applica tion can | 4219 | types to be sto red as a " blob" and an applica tion can | |||
| 7122 | encod e and deco de it manu ally. | 4220 | encod e and deco de it manu ally. | |||
| 7123 | [Stev e Henson] | 4221 | [Stev e Henson] | |||
| 7124 | 4222 | |||||
| 7125 | *) Fix v arious sig ned/unsign ed issues to make a_ strex.c | 4223 | *) Fix v arious sig ned/unsign ed issues to make a_ strex.c | |||
| 7126 | compi le under V C++. | 4224 | compi le under V C++. | |||
| 7127 | [Osca r Jacobsso n <oscar.j acobsson@c elocom.com >] | 4225 | [Osca r Jacobsso n <oscar.j acobsson@c elocom.com >] | |||
| 7128 | 4226 | |||||
| 7129 | *) ASN1 fixes. i2d _ASN1_OBJE CT was not returning the corre ct | 4227 | *) ASN1 fixes. i2d _ASN1_OBJE CT was not returning the corre ct | |||
| 7130 | lengt h if passe d a buffer . ASN1_INT EGER_to_BN failed | 4228 | lengt h if passe d a buffer . ASN1_INT EGER_to_BN failed | |||
| 7131 | if pa ssed a NUL L BN and i ts argumen t was nega tive. | 4229 | if pa ssed a NUL L BN and i ts argumen t was nega tive. | |||
| 7132 | [Stev e Henson, pointed ou t by Sven Heiberg <s ven@tartu. cyber.ee>] | 4230 | [Stev e Henson, pointed ou t by Sven Heiberg <s ven@tartu. cyber.ee>] | |||
| 7133 | 4231 | |||||
| 7134 | *) Modif ication to PKCS#7 en coding rou tines to o utput defi nite | 4232 | *) Modif ication to PKCS#7 en coding rou tines to o utput defi nite | |||
| 7135 | lengt h encoding . Since cu rrently th e whole st ructures a re in | 4233 | lengt h encoding . Since cu rrently th e whole st ructures a re in | |||
| 7136 | memor y there's not real p oint in us ing indefi nite lengt h | 4234 | memor y there's not real p oint in us ing indefi nite lengt h | |||
| 7137 | const ructed enc oding. How ever if Op enSSL is c ompiled wi th | 4235 | const ructed enc oding. How ever if Op enSSL is c ompiled wi th | |||
| 7138 | the f lag PKCS7_ INDEFINITE _ENCODING the old fo rm is used . | 4236 | the f lag PKCS7_ INDEFINITE _ENCODING the old fo rm is used . | |||
| 7139 | [Stev e Henson] | 4237 | [Stev e Henson] | |||
| 7140 | 4238 | |||||
| 7141 | *) Added BIO_vprin tf() and B IO_vsnprin tf(). | 4239 | *) Added BIO_vprin tf() and B IO_vsnprin tf(). | |||
| 7142 | [Rich ard Levitt e] | 4240 | [Rich ard Levitt e] | |||
| 7143 | 4241 | |||||
| 7144 | *) Added more pref ixes to pa rse for in the the s trings wri tten | 4242 | *) Added more pref ixes to pa rse for in the the s trings wri tten | |||
| 7145 | throu gh a loggi ng bio, to cover all the level s that are available | 4243 | throu gh a loggi ng bio, to cover all the level s that are available | |||
| 7146 | throu gh syslog. The pref ixes are n ow: | 4244 | throu gh syslog. The pref ixes are n ow: | |||
| 7147 | 4245 | |||||
| 7148 | PA NIC, EMERG , EMR => LOG_EMERG | 4246 | PA NIC, EMERG , EMR => LOG_EMERG | |||
| 7149 | AL ERT, ALR => LOG_ALERT | 4247 | AL ERT, ALR => LOG_ALERT | |||
| 7150 | CR IT, CRI => LOG_CRIT | 4248 | CR IT, CRI => LOG_CRIT | |||
| 7151 | ER ROR, ERR => LOG_ERR | 4249 | ER ROR, ERR => LOG_ERR | |||
| 7152 | WA RNING, WAR N, WAR => LOG_WARNIN G | 4250 | WA RNING, WAR N, WAR => LOG_WARNIN G | |||
| 7153 | NO TICE, NOTE , NOT => LOG_NOTICE | 4251 | NO TICE, NOTE , NOT => LOG_NOTICE | |||
| 7154 | IN FO, INF => LOG_INFO | 4252 | IN FO, INF => LOG_INFO | |||
| 7155 | DE BUG, DBG => LOG_DEBUG | 4253 | DE BUG, DBG => LOG_DEBUG | |||
| 7156 | 4254 | |||||
| 7157 | and a s before, if none of those pre fixes are present at the | 4255 | and a s before, if none of those pre fixes are present at the | |||
| 7158 | begin ning of th e string, LOG_ERR is chosen. | 4256 | begin ning of th e string, LOG_ERR is chosen. | |||
| 7159 | 4257 | |||||
| 7160 | On Wi n32, the L OG_* level s are mapp ed accordi ng to this : | 4258 | On Wi n32, the L OG_* level s are mapp ed accordi ng to this : | |||
| 7161 | 4259 | |||||
| 7162 | LO G_EMERG, L OG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ ERROR_TYPE | 4260 | LO G_EMERG, L OG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ ERROR_TYPE | |||
| 7163 | LO G_WARNING => EVENTLOG_ WARNING_TY PE | 4261 | LO G_WARNING => EVENTLOG_ WARNING_TY PE | |||
| 7164 | LO G_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_ INFORMATIO N_TYPE | 4262 | LO G_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_ INFORMATIO N_TYPE | |||
| 7165 | 4263 | |||||
| 7166 | [Rich ard Levitt e] | 4264 | [Rich ard Levitt e] | |||
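The prefix table and the Win32 mapping above, as an added example implemented in C (this is not OpenSSL's logging BIO code). The names syslog_level_for() and eventlog_type_for() are this example's own, and the EVENTLOG_* values are defined locally from the documented Win32 constants so that it builds on any platform:

```c
/* Added example, not OpenSSL's code: the prefix-to-level mapping of the
 * logging BIO, as two stand-alone functions. */
#include <stdio.h>
#include <string.h>

#if defined(__unix__) || defined(__APPLE__)
#include <syslog.h>              /* LOG_EMERG ... LOG_DEBUG */
#endif
#ifndef LOG_EMERG                /* fallback: the POSIX values */
#define LOG_EMERG   0
#define LOG_ALERT   1
#define LOG_CRIT    2
#define LOG_ERR     3
#define LOG_WARNING 4
#define LOG_NOTICE  5
#define LOG_INFO    6
#define LOG_DEBUG   7
#endif
/* Documented Win32 event log type values, defined here so the code does
 * not depend on <windows.h>. */
#ifndef EVENTLOG_ERROR_TYPE
#define EVENTLOG_ERROR_TYPE       0x0001
#define EVENTLOG_WARNING_TYPE     0x0002
#define EVENTLOG_INFORMATION_TYPE 0x0004
#endif

struct prefix_map {
    const char *prefix;
    int level;
};

/* Longer spellings come first so "WARNING" wins over "WARN"/"WAR" and
 * "NOTICE" over "NOTE"/"NOT" when scanning the table top to bottom. */
static const struct prefix_map prefixes[] = {
    { "PANIC",   LOG_EMERG },   { "EMERG", LOG_EMERG },   { "EMR", LOG_EMERG },
    { "ALERT",   LOG_ALERT },   { "ALR",   LOG_ALERT },
    { "CRIT",    LOG_CRIT },    { "CRI",   LOG_CRIT },
    { "ERROR",   LOG_ERR },     { "ERR",   LOG_ERR },
    { "WARNING", LOG_WARNING }, { "WARN",  LOG_WARNING }, { "WAR", LOG_WARNING },
    { "NOTICE",  LOG_NOTICE },  { "NOTE",  LOG_NOTICE },  { "NOT", LOG_NOTICE },
    { "INFO",    LOG_INFO },    { "INF",   LOG_INFO },
    { "DEBUG",   LOG_DEBUG },   { "DBG",   LOG_DEBUG },
};

/* Return the syslog level selected by the prefix at the very beginning of
 * msg, or LOG_ERR when no known prefix is present (the documented default).
 * The match is case-sensitive and only the start of the string is examined. */
int syslog_level_for(const char *msg)
{
    size_t i;
    for (i = 0; i < sizeof(prefixes) / sizeof(prefixes[0]); i++) {
        size_t n = strlen(prefixes[i].prefix);
        if (strncmp(msg, prefixes[i].prefix, n) == 0)
            return prefixes[i].level;
    }
    return LOG_ERR;
}

/* Collapse a syslog level into the Win32 event log type, as in the table. */
int eventlog_type_for(int level)
{
    switch (level) {
    case LOG_EMERG: case LOG_ALERT: case LOG_CRIT: case LOG_ERR:
        return EVENTLOG_ERROR_TYPE;
    case LOG_WARNING:
        return EVENTLOG_WARNING_TYPE;
    default:                     /* LOG_NOTICE, LOG_INFO, LOG_DEBUG */
        return EVENTLOG_INFORMATION_TYPE;
    }
}

int main(void)
{
    /* Constructed sample lines, not taken from a real log. */
    const char *samples[] = { "PANIC: out of memory", "WARN disk nearly full",
                              "NOTICE handshake done", "no prefix at all" };
    size_t i;
    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int lvl = syslog_level_for(samples[i]);
        printf("%-24s -> syslog level %d, event log type 0x%04x\n",
               samples[i], lvl, eventlog_type_for(lvl));
    }
    return 0;
}
```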

  *) Made it possible to reconfigure with just the configuration
     argument "reconf" or "reconfigure". The command line arguments
     are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
     and are retrieved from there when reconfiguring.
     [Richard Levitte]

  *) MD4 implemented.
     [Assar Westerlund <assar@sics.se>, Richard Levitte]

  *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
     [Richard Levitte]

  *) The obj_dat.pl script was messing up the sorting of object
     names. The reason was that it compared the quoted version
     of strings as a result "OCSP" > "OCSP Signing" because
     " > SPACE. Changed script to store unquoted versions of
     names and add quotes on output. It was also omitting some
     names from the lookup table if they were given a default
     value (that is if SN is missing it is given the same
     value as LN and vice versa), these are now added on the
     grounds that if an object has a name we should be able to
     look it up. Finally added warning output when duplicate
     short or long names are found.
     [Steve Henson]

  *) Changes needed for Tandem NSK.
     [Scott Uroff <scott@xypro.com>]

  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
     RSA_padding_check_SSLv23(), special padding was never detected
     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
     version rollback attacks was not effective.

     In s23_clnt.c, don't use special rollback-attack detection padding
     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
     client; similarly, in s23_srvr.c, don't do the rollback check if
     SSL 2.0 is the only protocol enabled in the server.
     [Bodo Moeller]
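The rollback-detection check referred to above, as an added example written from scratch (it is not OpenSSL's RSA_padding_check_SSLv23()). The names sslv23_padding_check() and make_padded_block() are this example's own; the layout assumed is PKCS#1 block type 2 (00 02 PS 00 M) with the last eight PS bytes set to 0x03 by a client that also supports SSL 3.0/TLS 1.0, so a server that finds them while completing an SSL 2.0 handshake knows the version was rolled back:

```c
/* Added example, not OpenSSL's code: PKCS#1 type 2 unpadding with the
 * SSL 3.0/TLS 1.0 rollback marker check. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum pad_result {
    PAD_OK = 0,        /* ordinary type 2 padding, message extracted        */
    PAD_ROLLBACK = 1,  /* the eight 0x03 bytes were present: version rollback */
    PAD_BAD = -1       /* malformed padding                                   */
};

/* from/flen hold the decrypted block without its leading 0x00 byte, i.e.
 * starting at the 0x02 block type (the same convention as the
 * RSA_padding_check_* family, where flen == num - 1). On success the
 * message is copied to `to` and *outlen receives its length. */
enum pad_result sslv23_padding_check(unsigned char *to, size_t tlen,
                                     const unsigned char *from, size_t flen,
                                     size_t *outlen)
{
    const unsigned char *p = from;
    size_t i, ps_len, msg_len;
    int k, rollback = 1;

    /* Minimum: block type + 8 bytes of PS + the 0x00 separator. */
    if (flen < 10 || *p++ != 0x02)
        return PAD_BAD;

    /* Scan PS (non-zero bytes) for the 0x00 separator. */
    for (i = 0; i < flen - 1; i++)
        if (p[i] == 0x00)
            break;
    if (i == flen - 1)              /* no separator at all */
        return PAD_BAD;
    ps_len = i;
    if (ps_len < 8)                 /* PKCS#1 requires at least 8 PS bytes */
        return PAD_BAD;

    /* Rollback marker: exactly the last eight PS bytes, p[ps_len-8 .. ps_len-1],
     * must all be 0x03. Checking seven, or sliding one past the separator, is
     * the kind of off-by-one that made the check never fire. */
    for (k = 1; k <= 8; k++) {
        if (p[ps_len - k] != 0x03) {
            rollback = 0;
            break;
        }
    }

    msg_len = flen - 1 - ps_len - 1;    /* everything after the separator */
    if (msg_len > tlen)
        return PAD_BAD;
    memcpy(to, p + ps_len + 1, msg_len);
    *outlen = msg_len;
    return rollback ? PAD_ROLLBACK : PAD_OK;
}

/* Build a type 2 padded block for the demonstration. The PS filler is a
 * constructed deterministic non-zero pattern; a real encoder uses random
 * non-zero bytes. Returns the block length, or 0 if out is too small. */
size_t make_padded_block(unsigned char *out, size_t outlen,
                         const unsigned char *msg, size_t msglen,
                         int mark_rollback)
{
    size_t ps_len, i;
    if (outlen < msglen + 11)
        return 0;
    ps_len = outlen - msglen - 3;
    out[0] = 0x00;
    out[1] = 0x02;
    for (i = 0; i < ps_len; i++)
        out[2 + i] = (unsigned char)(0x11 + (i % 200));  /* never 0x00 or 0x03 */
    if (mark_rollback)
        memset(out + 2 + ps_len - 8, 0x03, 8);
    out[2 + ps_len] = 0x00;
    memcpy(out + 3 + ps_len, msg, msglen);
    return outlen;
}

int main(void)
{
    unsigned char block[128], msg[128];
    const unsigned char secret[] = "constructed pre-master secret";
    size_t n, outlen = 0;
    int r;

    n = make_padded_block(block, sizeof block, secret, sizeof secret, 1);
    /* Skip the leading 0x00, as the decrypt output convention does. */
    r = sslv23_padding_check(msg, sizeof msg, block + 1, n - 1, &outlen);
    printf("marked block:   result %d (1 = rollback detected), %zu bytes\n", r, outlen);

    n = make_padded_block(block, sizeof block, secret, sizeof secret, 0);
    r = sslv23_padding_check(msg, sizeof msg, block + 1, n - 1, &outlen);
    printf("unmarked block: result %d (0 = plain padding), %zu bytes\n", r, outlen);
    return 0;
}
```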

  *) Make it possible to get hexdumps of unprintable data with 'openssl
     asn1parse'. By implication, the functions ASN1_parse_dump() and
     BIO_dump_indent() are added.
     [Richard Levitte]

  *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
     these print out strings and name structures based on various
     flags including RFC2253 support and proper handling of
     multibyte characters. Added options to the 'x509' utility
     to allow the various flags to be set.
     [Steve Henson]

  *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
     Also change the functions X509_cmp_current_time() and
     X509_gmtime_adj() to work with an ASN1_TIME structure,
     this will enable certificates using GeneralizedTime in validity
     dates to be checked.
     [Steve Henson]

  *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
     negative public key encodings) on by default,
     NO_NEG_PUBKEY_BUG can be set to disable it.
     [Steve Henson]

  *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
     content octets. An i2c_ASN1_OBJECT is unnecessary because
     the encoding can be trivially obtained from the structure.
     [Steve Henson]

  *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
     not read locks (CRYPTO_r_[un]lock).
     [Bodo Moeller]

  *) A first attempt at creating official support for shared
     libraries through configuration. I've kept it so the
     default is static libraries only, and the OpenSSL programs
     are always statically linked for now, but there are
     preparations for dynamic linking in place.
     This has been tested on Linux and Tru64.
     [Richard Levitte]

  *) Randomness polling function for Win9x, as described in:
     Peter Gutmann, Software Generation of Practically Strong
     Random Numbers.
     [Ulf Möller]

  *) Fix so PRNG is seeded in req if using an already existing
     DSA key.
     [Steve Henson]

  *) New options to smime application. -inform and -outform
     allow alternative formats for the S/MIME message including
     PEM and DER. The -content option allows the content to be
     specified separately. This should allow things like Netscape
     form signing output easier to verify.
     [Steve Henson]

  *) Fix the ASN1 encoding of tags using the 'long form'.
     [Steve Henson]

  *) New ASN1 functions, i2c_* and c2i_* for INTEGER and BIT
     STRING types. These convert content octets to and from the
     underlying type. The actual tag and length octets are
     already assumed to have been read in and checked. These
     are needed because all other string types have virtually
     identical handling apart from the tag. By having versions
     of the ASN1 functions that just operate on content octets
     IMPLICIT tagging can be handled properly. It also allows
     the ASN1_ENUMERATED code to be cut down because ASN1_ENUMERATED
     and ASN1_INTEGER are identical apart from the tag.
     [Steve Henson]
| 7278 | 4376 | |||||
| 7279 | *) Chang e the hand ling of OI D objects as follows : | 4377 | *) Chang e the hand ling of OI D objects as follows : | |||
| 7280 | 4378 | |||||
| 7281 | - New object id entifiers are insert ed in obje cts.txt, f ollowing | 4379 | - New object id entifiers are insert ed in obje cts.txt, f ollowing | |||
| 7282 | the syntax gi ven in obj ects.READM E. | 4380 | the syntax gi ven in obj ects.READM E. | |||
| 7283 | - obj ects.pl is used to p rocess obj _mac.num a nd create a new | 4381 | - obj ects.pl is used to p rocess obj _mac.num a nd create a new | |||
| 7284 | obj _mac.h. | 4382 | obj _mac.h. | |||
| 7285 | - obj _dat.pl is used to c reate a ne w obj_dat. h, using t he data in | 4383 | - obj _dat.pl is used to c reate a ne w obj_dat. h, using t he data in | |||
| 7286 | obj _mac.h. | 4384 | obj _mac.h. | |||
| 7287 | 4385 | |||||
| 7288 | This is current ly kind of a hack, a nd the per l code in objects.pl | 4386 | This is current ly kind of a hack, a nd the per l code in objects.pl | |||
| 7289 | isn't very eleg ant, but i t works as I intende d. The si mplest way | 4387 | isn't very eleg ant, but i t works as I intende d. The si mplest way | |||
| 7290 | to ch eck that i t worked c orrectly i s to look in obj_dat .h and | 4388 | to ch eck that i t worked c orrectly i s to look in obj_dat .h and | |||
| 7291 | check the array nid_objs and make s ure the ob jects have n't moved | 4389 | check the array nid_objs and make s ure the ob jects have n't moved | |||
| 7292 | aroun d (this is important !). Addit ions are O K, as well as | 4390 | aroun d (this is important !). Addit ions are O K, as well as | |||
| 7293 | consi stent name changes. | 4391 | consi stent name changes. | |||
| 7294 | [Rich ard Levitt e] | 4392 | [Rich ard Levitt e] | |||
| 7295 | 4393 | |||||
| 7296 | *) Add B SD-style M D5-based p asswords t o 'openssl passwd' ( option '-1 '). | 4394 | *) Add B SD-style M D5-based p asswords t o 'openssl passwd' ( option '-1 '). | |||
| 7297 | [Bodo Moeller] | 4395 | [Bodo Moeller] | |||
| 7298 | 4396 | |||||
| 7299 | *) Addit ion of the command l ine parame ter '-rand file' to 'openssl r eq'. | 4397 | *) Addit ion of the command l ine parame ter '-rand file' to 'openssl r eq'. | |||
| 7300 | The g iven file adds to wh atever has already b een seeded into the | 4398 | The g iven file adds to wh atever has already b een seeded into the | |||
| 7301 | rando m pool thr ough the R ANDFILE co nfiguratio n file opt ion or | 4399 | rando m pool thr ough the R ANDFILE co nfiguratio n file opt ion or | |||
| 7302 | envir onment var iable, or the defaul t random s tate file. | 4400 | envir onment var iable, or the defaul t random s tate file. | |||
| 7303 | [Rich ard Levitt e] | 4401 | [Rich ard Levitt e] | |||
| 7304 | 4402 | |||||
| 7305 | *) mksta ck.pl now sorts each macro gro up into le xical orde r. | 4403 | *) mksta ck.pl now sorts each macro gro up into le xical orde r. | |||
| 7306 | Previ ously the output ord er depende d on the o rder the f iles | 4404 | Previ ously the output ord er depende d on the o rder the f iles | |||
| 7307 | appea red in the directory , resultin g in needl ess rewrit ing | 4405 | appea red in the directory , resultin g in needl ess rewrit ing | |||
| 7308 | of sa festack.h . | 4406 | of sa festack.h . | |||
| 7309 | [Stev e Henson] | 4407 | [Stev e Henson] | |||
| 7310 | 4408 | |||||
| 7311 | *) Patch es to make OpenSSL c ompile und er Win32 a gain. Most ly | 4409 | *) Patch es to make OpenSSL c ompile und er Win32 a gain. Most ly | |||
| 7312 | work arounds fo r the VC++ problem t hat it tre ats func() as | 4410 | work arounds fo r the VC++ problem t hat it tre ats func() as | |||
| 7313 | func( void). Als o stripped out the p arts of mk def.pl tha t | 4411 | func( void). Als o stripped out the p arts of mk def.pl tha t | |||
| 7314 | added extra typ esafe func tions: the se no long er exist. | 4412 | added extra typ esafe func tions: the se no long er exist. | |||
| 7315 | [Stev e Henson] | 4413 | [Stev e Henson] | |||
| 7316 | 4414 | |||||
| 7317 | *) Reorg anisation of the sta ck code. T he macros are now al l | 4415 | *) Reorg anisation of the sta ck code. T he macros are now al l | |||
| 7318 | colle cted in sa festack.h . Each mac ro is defi ned in ter ms of | 4416 | colle cted in sa festack.h . Each mac ro is defi ned in ter ms of | |||
| 7319 | a "st ack macro" of the fo rm SKM_<na me>(type, a, b). The | 4417 | a "st ack macro" of the fo rm SKM_<na me>(type, a, b). The | |||
| 7320 | DEBUG _SAFESTACK is now ha ndled in t erms of fu nction cas ts, | 4418 | DEBUG _SAFESTACK is now ha ndled in t erms of fu nction cas ts, | |||
| 7321 | this has the ad vantage of retaining type safe ty without the | 4419 | this has the ad vantage of retaining type safe ty without the | |||
| 7322 | use o f addition al functio ns. If DEB UG_SAFESTA CK is not defined | 4420 | use o f addition al functio ns. If DEB UG_SAFESTA CK is not defined | |||
| 7323 | then the non ty pesafe mac ros are us ed instead . Also mod ified the | 4421 | then the non ty pesafe mac ros are us ed instead . Also mod ified the | |||
| 7324 | mksta ck.pl scri pt to hand le the new form. Nee ds testing to see | 4422 | mksta ck.pl scri pt to hand le the new form. Nee ds testing to see | |||
| 7325 | if wh ich (if an y) compile rs it chok es and may be make DE BUG_SAFEST ACK | 4423 | if wh ich (if an y) compile rs it chok es and may be make DE BUG_SAFEST ACK | |||
| 7326 | the d efault if no major p roblems. S imilar beh aviour for ASN1_SET_ OF | 4424 | the d efault if no major p roblems. S imilar beh aviour for ASN1_SET_ OF | |||
| 7327 | and P KCS12_STAC K_OF. | 4425 | and P KCS12_STAC K_OF. | |||
| 7328 | [Stev e Henson] | 4426 | [Stev e Henson] | |||
| 7329 | 4427 | |||||
| 7330 | *) When some versi ons of IIS use the ' NET' form of private key the | 4428 | *) When some versi ons of IIS use the ' NET' form of private key the | |||
| 7331 | key d erivation algorithm is differe nt. Normal ly MD5(pas sword) is | 4429 | key d erivation algorithm is differe nt. Normal ly MD5(pas sword) is | |||
| 7332 | used as a 128 b it RC4 key . In the m odified ca se | 4430 | used as a 128 b it RC4 key . In the m odified ca se | |||
| 7333 | MD5(M D5(passwor d) + "SGCK EYSALT") is used in sted. Adde d some | 4431 | MD5(M D5(passwor d) + "SGCK EYSALT") is used in sted. Adde d some | |||
| 7334 | new f unctions i 2d_RSA_NET (), d2i_RS A_NET() et c which ar e the same | 4432 | new f unctions i 2d_RSA_NET (), d2i_RS A_NET() et c which ar e the same | |||
| 7335 | as th e old Nets cape_RSA f unctions e xcept they have an a dditional | 4433 | as th e old Nets cape_RSA f unctions e xcept they have an a dditional | |||
| 7336 | 'sgck ey' parame ter which uses the m odified al gorithm. A lso added | 4434 | 'sgck ey' parame ter which uses the m odified al gorithm. A lso added | |||
| 7337 | an -s gckey comm and line o ption to t he rsa uti lity. Than ks to | 4435 | an -s gckey comm and line o ption to t he rsa uti lity. Than ks to | |||
| 7338 | Adria n Peck <be rtie@nciph er.com> fo r posting details of the modif ied | 4436 | Adria n Peck <be rtie@nciph er.com> fo r posting details of the modif ied | |||
| 7339 | algor ithm to op enssl-dev. | 4437 | algor ithm to op enssl-dev. | |||
| 7340 | [Stev e Henson] | 4438 | [Stev e Henson] | |||
| 7341 | 4439 | |||||
| 7342 | *) The e vp_local.h macros we re using ' c.##kname' which res ulted in | 4440 | *) The e vp_local.h macros we re using ' c.##kname' which res ulted in | |||
| 7343 | inval id expansi on on some systems ( SCO 5.0.5 for exampl e). | 4441 | inval id expansi on on some systems ( SCO 5.0.5 for exampl e). | |||
| 7344 | Corre cted to 'c .kname'. | 4442 | Corre cted to 'c .kname'. | |||
| 7345 | [Phil lip Porch <root@thep orch.com>] | 4443 | [Phil lip Porch <root@thep orch.com>] | |||
| 7346 | 4444 | |||||
| 7347 | *) New X 509_get1_e mail() and X509_REQ_ get1_email () functio ns that re turn | 4445 | *) New X 509_get1_e mail() and X509_REQ_ get1_email () functio ns that re turn | |||
| 7348 | a STA CK of emai l addresse s from a c ertificate or reques t, these l ook | 4446 | a STA CK of emai l addresse s from a c ertificate or reques t, these l ook | |||
| 7349 | in th e subject name and t he subject alternati ve name ex tensions a nd | 4447 | in th e subject name and t he subject alternati ve name ex tensions a nd | |||
| 7350 | omit any duplic ate addres ses. | 4448 | omit any duplic ate addres ses. | |||
| 7351 | [Stev e Henson] | 4449 | [Stev e Henson] | |||
| 7352 | 4450 | |||||
| 7353 | *) Re-im plement BN _mod_exp2_ mont using independe nt (and la rger) wind ows. | 4451 | *) Re-im plement BN _mod_exp2_ mont using independe nt (and la rger) wind ows. | |||
| 7354 | This makes DSA verificati on about 2 % faster. | 4452 | This makes DSA verificati on about 2 % faster. | |||
| 7355 | [Bodo Moeller] | 4453 | [Bodo Moeller] | |||
| 7356 | 4454 | |||||
| 7357 | *) Incre ase maximu m window s ize in BN_ mod_exp_.. . to 6 bit s instead of 5 | 4455 | *) Incre ase maximu m window s ize in BN_ mod_exp_.. . to 6 bit s instead of 5 | |||
| 7358 | (mean ing that n ow 2^5 val ues will b e precompu ted, which is only 4 KB | 4456 | (mean ing that n ow 2^5 val ues will b e precompu ted, which is only 4 KB | |||
| 7359 | plus overhead f or 1024 bi t moduli). | 4457 | plus overhead f or 1024 bi t moduli). | |||
| 7360 | This makes expo nentiation s about 0. 5 % faster for 1024 bit | 4458 | This makes expo nentiation s about 0. 5 % faster for 1024 bit | |||
| 7361 | expon ents (as m easured by "openssl speed rsa2 048"). | 4459 | expon ents (as m easured by "openssl speed rsa2 048"). | |||
| 7362 | [Bodo Moeller] | 4460 | [Bodo Moeller] | |||
| 7363 | 4461 | |||||
| 7364 | *) Renam e memory h andling ma cros to av oid confli cts with o ther | 4462 | *) Renam e memory h andling ma cros to av oid confli cts with o ther | |||
| 7365 | softw are: | 4463 | softw are: | |||
| 7366 | Malloc => O PENSSL_mal loc | 4464 | Malloc => O PENSSL_mal loc | |||
| 7367 | Malloc_loc ked => O PENSSL_mal loc_locked | 4465 | Malloc_loc ked => O PENSSL_mal loc_locked | |||
| 7368 | Realloc => O PENSSL_rea lloc | 4466 | Realloc => O PENSSL_rea lloc | |||
| 7369 | Free => O PENSSL_fre e | 4467 | Free => O PENSSL_fre e | |||
| 7370 | [Rich ard Levitt e] | 4468 | [Rich ard Levitt e] | |||
| 7371 | 4469 | |||||
| 7372 | *) New f unction BN _mod_exp_m ont_word f or small b ases (roug hly 15% | 4470 | *) New f unction BN _mod_exp_m ont_word f or small b ases (roug hly 15% | |||
| 7373 | faste r than BN_ mod_exp_mo nt, i.e. 7 % for a fu ll DH exch ange). | 4471 | faste r than BN_ mod_exp_mo nt, i.e. 7 % for a fu ll DH exch ange). | |||
| 7374 | [Bodo Moeller] | 4472 | [Bodo Moeller] | |||
| 7375 | 4473 | |||||
| 7376 | *) CygWi n32 suppor t. | 4474 | *) CygWi n32 suppor t. | |||
| 7377 | [John Jarvie <j jarvie@new sguy.com>] | 4475 | [John Jarvie <j jarvie@new sguy.com>] | |||
| 7378 | 4476 | |||||
| 7379 | *) The t ype-safe s tack code has been r ejigged. I t is now o nly compil ed | 4477 | *) The t ype-safe s tack code has been r ejigged. I t is now o nly compil ed | |||
| 7380 | in wh en OpenSSL is config ured with the DEBUG_ SAFESTACK option and | 4478 | in wh en OpenSSL is config ured with the DEBUG_ SAFESTACK option and | |||
| 7381 | by de fault all type-speci fic stack functions are "#defi ne"d back to | 4479 | by de fault all type-speci fic stack functions are "#defi ne"d back to | |||
| 7382 | stand ard stack functions. This resu lts in mor e streamli ned output | 4480 | stand ard stack functions. This resu lts in mor e streamli ned output | |||
| 7383 | but r etains the type-safe ty checkin g possibil ities of t he origina l | 4481 | but r etains the type-safe ty checkin g possibil ities of t he origina l | |||
| 7384 | appro ach. | 4482 | appro ach. | |||
| 7385 | [Geof f Thorpe] | 4483 | [Geof f Thorpe] | |||
| 7386 | 4484 | |||||
| 7387 | *) The S TACK code has been c leaned up, and certa in type de clarations | 4485 | *) The S TACK code has been c leaned up, and certa in type de clarations | |||
| 7388 | that didn't mak e a lot of sense hav e been bro ught in li ne. This h as | 4486 | that didn't mak e a lot of sense hav e been bro ught in li ne. This h as | |||
| 7389 | also involved a cleanup o f sorts in safestack .h to more correctly | 4487 | also involved a cleanup o f sorts in safestack .h to more correctly | |||
| 7390 | map t ype-safe s tack funct ions onto their plai n stack co unterparts . | 4488 | map t ype-safe s tack funct ions onto their plai n stack co unterparts . | |||
| 7391 | This work has a lso result ed in a va riety of " const"ific ations of | 4489 | This work has a lso result ed in a va riety of " const"ific ations of | |||
| 7392 | lots of the cod e, especia lly "_cmp" operation s which sh ould norma lly | 4490 | lots of the cod e, especia lly "_cmp" operation s which sh ould norma lly | |||
| 7393 | be pr ototyped w ith "const " paramete rs anyway. | 4491 | be pr ototyped w ith "const " paramete rs anyway. | |||
| 7394 | [Geof f Thorpe] | 4492 | [Geof f Thorpe] | |||
| 7395 | 4493 | |||||
| 7396 | *) When generating bytes for the first time in m d_rand.c, 'stir the pool' | 4494 | *) When generating bytes for the first time in m d_rand.c, 'stir the pool' | |||
| 7397 | by se eding with STATE_SIZ E dummy by tes (with zero entro py count). | 4495 | by se eding with STATE_SIZ E dummy by tes (with zero entro py count). | |||
| 7398 | (The PRNG state consists of two par ts, the la rge pool ' state' and 'md', | 4496 | (The PRNG state consists of two par ts, the la rge pool ' state' and 'md', | |||
| 7399 | where all of 'm d' is used each time the PRNG is used, b ut 'state' | 4497 | where all of 'm d' is used each time the PRNG is used, b ut 'state' | |||
| 7400 | is us ed only in dexed by a cyclic co unter. As entropy ma y not be | 4498 | is us ed only in dexed by a cyclic co unter. As entropy ma y not be | |||
| 7401 | well distribute d from the beginning , 'md' is important as a | 4499 | well distribute d from the beginning , 'md' is important as a | |||
| 7402 | chain ing variab le. Howeve r, the out put functi on chains only half | 4500 | chain ing variab le. Howeve r, the out put functi on chains only half | |||
| 7403 | of 'm d', i.e. 8 0 bits. s sleay_rand _add, on t he other h and, chain s | 4501 | of 'm d', i.e. 8 0 bits. s sleay_rand _add, on t he other h and, chain s | |||
| 7404 | all o f 'md', an d seeding with STATE _SIZE dumm y bytes wi ll result | 4502 | all o f 'md', an d seeding with STATE _SIZE dumm y bytes wi ll result | |||
| 7405 | in al l of 'stat e' being r ewritten, with the n ew values depending | 4503 | in al l of 'stat e' being r ewritten, with the n ew values depending | |||
| 7406 | on vi rtually al l of 'md'. This ove rcomes the 80 bit li mitation.) | 4504 | on vi rtually al l of 'md'. This ove rcomes the 80 bit li mitation.) | |||
| 7407 | [Bodo Moeller] | 4505 | [Bodo Moeller] | |||
| 7408 | 4506 | |||||
| 7409 | *) In ss l/s2_clnt. c and ssl/ s3_clnt.c, call ERR_ clear_erro r() when | 4507 | *) In ss l/s2_clnt. c and ssl/ s3_clnt.c, call ERR_ clear_erro r() when | |||
| 7410 | the h andshake i s continue d after ss l_verify_c ert_chain( ); | 4508 | the h andshake i s continue d after ss l_verify_c ert_chain( ); | |||
| 7411 | other wise, if S SL_VERIFY_ NONE is se t, remaini ng error c odes | 4509 | other wise, if S SL_VERIFY_ NONE is se t, remaini ng error c odes | |||
| 7412 | can l ead to 'un explainabl e' connect ion aborts later. | 4510 | can l ead to 'un explainabl e' connect ion aborts later. | |||
| 7413 | [Bodo Moeller; problem tr acked down by Lutz J aenicke] | 4511 | [Bodo Moeller; problem tr acked down by Lutz J aenicke] | |||
| 7414 | 4512 | |||||
| 7415 | *) Major EVP API c ipher revi sion. | 4513 | *) Major EVP API c ipher revi sion. | |||
| 7416 | Add h ooks for e xtra EVP f eatures. T his allows various c ipher | 4514 | Add h ooks for e xtra EVP f eatures. T his allows various c ipher | |||
| 7417 | param eters to b e set in t he EVP int erface. Su pport adde d for vari able | 4515 | param eters to b e set in t he EVP int erface. Su pport adde d for vari able | |||
| 7418 | key l ength ciph ers via th e EVP_CIPH ER_CTX_set _key_lengt h() functi on and | 4516 | key l ength ciph ers via th e EVP_CIPH ER_CTX_set _key_lengt h() functi on and | |||
| 7419 | setti ng of RC2 and RC5 pa rameters. | 4517 | setti ng of RC2 and RC5 pa rameters. | |||
| 7420 | 4518 | |||||
| 7421 | Modif y EVP_Open Init() and EVP_SealI nit() to c ope with v ariable ke y length | 4519 | Modif y EVP_Open Init() and EVP_SealI nit() to c ope with v ariable ke y length | |||
| 7422 | ciphe rs. | 4520 | ciphe rs. | |||
| 7423 | 4521 | |||||
| 7424 | Remov e lots of duplicated code from the EVP l ibrary. Fo r example *every* | 4522 | Remov e lots of duplicated code from the EVP l ibrary. Fo r example *every* | |||
| 7425 | ciphe r init() f unction ha ndles the 'iv' in th e same way according to the | 4523 | ciphe r init() f unction ha ndles the 'iv' in th e same way according to the | |||
| 7426 | ciphe r mode. Th ey also al l do nothi ng if the 'key' para meter is N ULL and | 4524 | ciphe r mode. Th ey also al l do nothi ng if the 'key' para meter is N ULL and | |||
| 7427 | for C FB and OFB modes the y zero ctx ->num. | 4525 | for C FB and OFB modes the y zero ctx ->num. | |||
| 7428 | 4526 | |||||
| 7429 | New f unctionali ty allows removal of S/MIME co de RC2 hac k. | 4527 | New f unctionali ty allows removal of S/MIME co de RC2 hac k. | |||
| 7430 | 4528 | |||||
| 7431 | Most of the rou tines have the same form and s o can be d eclared in terms | 4529 | Most of the rou tines have the same form and s o can be d eclared in terms | |||
| 7432 | of ma cros. | 4530 | of ma cros. | |||
| 7433 | 4531 | |||||
| 7434 | By sh ifting thi s to the t op level E VP_CipherI nit() it c an be remo ved from | 4532 | By sh ifting thi s to the t op level E VP_CipherI nit() it c an be remo ved from | |||
| 7435 | all i ndividual ciphers. I f the ciph er wants t o handle I Vs or keys | 4533 | all i ndividual ciphers. I f the ciph er wants t o handle I Vs or keys | |||
| 7436 | diffe rently it can set th e EVP_CIPH _CUSTOM_IV or EVP_CI PH_ALWAYS_ CALL_INIT | 4534 | diffe rently it can set th e EVP_CIPH _CUSTOM_IV or EVP_CI PH_ALWAYS_ CALL_INIT | |||
| 7437 | flags . | 4535 | flags . | |||
| 7438 | 4536 | |||||
| 7439 | Chang e lots of functions like EVP_E ncryptUpda te() to no w return a | 4537 | Chang e lots of functions like EVP_E ncryptUpda te() to no w return a | |||
| 7440 | value : although software versions o f the algo rithms can not fail | 4538 | value : although software versions o f the algo rithms can not fail | |||
| 7441 | any i nstalled h ardware ve rsions can . | 4539 | any i nstalled h ardware ve rsions can . | |||
| 7442 | [Stev e Henson] | 4540 | [Stev e Henson] | |||
| 7443 | 4541 | |||||
| 7444 | *) Imple ment SSL_O P_TLS_ROLL BACK_BUG: In ssl3_ge t_client_k ey_exchang e, if | 4542 | *) Imple ment SSL_O P_TLS_ROLL BACK_BUG: In ssl3_ge t_client_k ey_exchang e, if | |||
| 7445 | this option is set, toler ate broken clients t hat send t he negotia ted | 4543 | this option is set, toler ate broken clients t hat send t he negotia ted | |||
| 7446 | proto col versio n number i nstead of the reques ted protoc ol version | 4544 | proto col versio n number i nstead of the reques ted protoc ol version | |||
| 7447 | numbe r. | 4545 | numbe r. | |||
| 7448 | [Bodo Moeller] | 4546 | [Bodo Moeller] | |||
| 7449 | 4547 | |||||
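     The check that the SSL_OP_TLS_ROLLBACK_BUG entry above relaxes, as an
     added example that is not OpenSSL's own code. The first two bytes of the
     decrypted RSA premaster secret carry the client_version the client
     claims to have offered; the server compares them with the version it
     actually saw in ClientHello so that a forced downgrade of the
     negotiation is detected. premaster_version_ok(), ROLLBACK_BUG_TOLERANT
     and the two sample secrets are hypothetical names constructed for this
     example; SSL3_VERSION and TLS1_VERSION use the real wire encodings.

```c
/*
 * Added example, not OpenSSL's own code: the client_version check a TLS
 * server applies to a decrypted RSA premaster secret, and the relaxation
 * that SSL_OP_TLS_ROLLBACK_BUG describes.  premaster_version_ok() and
 * ROLLBACK_BUG_TOLERANT are hypothetical names used only here.
 */
#include <stdint.h>
#include <stdio.h>

#define SSL3_VERSION 0x0300   /* wire encoding of SSL 3.0 */
#define TLS1_VERSION 0x0301   /* wire encoding of TLS 1.0 */

/* Stands in for the SSL_OP_TLS_ROLLBACK_BUG option bit. */
#define ROLLBACK_BUG_TOLERANT 1u

/* Constructed sample premaster secrets; only the first two bytes
 * (client_version) matter for the check, the remaining 46 are zero here. */
static const uint8_t PMS_TLS1[48] = { 0x03, 0x01 };
static const uint8_t PMS_SSL3[48] = { 0x03, 0x00 };

/*
 * Decide whether the version embedded in a premaster secret is acceptable.
 *
 *  requested  - version the client offered in ClientHello
 *  negotiated - version the server chose and sent in ServerHello
 *  pms        - 48 decrypted premaster secret bytes, pms[0..1] = client_version
 *  options    - option bits; ROLLBACK_BUG_TOLERANT widens the check
 *
 * Returns 1 to accept, 0 to reject.  The strict rule (RFC 2246, 7.4.7.1)
 * is that the embedded version must equal the ClientHello version: the
 * secret is encrypted to the server's key, so a man in the middle cannot
 * rewrite it to hide a downgrade.  With the tolerance bit set the
 * negotiated version is accepted as well, which is what the broken
 * clients in the entry send.
 */
int premaster_version_ok(uint16_t requested, uint16_t negotiated,
                         const uint8_t pms[48], unsigned options)
{
    uint16_t embedded = (uint16_t)((pms[0] << 8) | pms[1]);

    if (embedded == requested)
        return 1;

    if ((options & ROLLBACK_BUG_TOLERANT) && embedded == negotiated)
        return 1;

    return 0;
}

int main(void)
{
    /* Client asked for TLS 1.0, server negotiated SSL 3.0, client embedded
     * the negotiated version: rejected strictly, accepted with tolerance. */
    printf("strict:   %d\n",
           premaster_version_ok(TLS1_VERSION, SSL3_VERSION, PMS_SSL3, 0));
    printf("tolerant: %d\n",
           premaster_version_ok(TLS1_VERSION, SSL3_VERSION, PMS_SSL3,
                                ROLLBACK_BUG_TOLERANT));
    return 0;
}
```

     The tolerance bit widens what the server accepts, so, as the entry
     says, it exists to tolerate specific broken clients rather than as a
     default: with it set, a client that embeds the negotiated version is
     indistinguishable from a real rollback to that version.
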
  *) Call dh_tmp_cb (set by ..._TMP_DH_CB) with correct 'is_export' flag;
     i.e. non-zero for export ciphersuites, zero otherwise.
     Previous versions had this flag inverted, inconsistent with
     rsa_tmp_cb (..._TMP_RSA_CB).
     [Bodo Moeller; problem reported by Amit Chopra]

  *) Add missing DSA library text string. Workaround for some IIS
     key files with invalid SEQUENCE encoding.
     [Steve Henson]

  *) Add a document (doc/standards.txt) that lists all kinds of standards
     and so on that are implemented in OpenSSL.
     [Richard Levitte]

  *) Enhance c_rehash script. Old version would mishandle certificates
     with the same subject name hash and wouldn't handle CRLs at all.
     Added -fingerprint option to crl utility, to support new c_rehash
     features.
     [Steve Henson]

  *) Eliminate non-ANSI declarations in crypto.h and stack.h.
     [Ulf Möller]

  *) Fix for SSL server purpose checking. Server checking was
     rejecting certificates which had extended key usage present
     but no ssl client purpose.
     [Steve Henson, reported by Rene Grosser <grosser@hisolutions.com>]

  *) Make PKCS#12 code work with no password. The PKCS#12 spec
     is a little unclear about how a blank password is handled.
     Since the password is encoded as a BMPString with terminating
     double NULL, a zero length password would end up as just the
     double NULL. However no password at all is different and is
     handled differently in the PKCS#12 key generation code. NS
     treats a blank password as zero length. MSIE treats it as no
     password on export: but it will try both on import. We now do
     the same: PKCS12_parse() tries zero length and no password if
     the password is set to "" or NULL (NULL is now a valid password:
     it wasn't before) as does the pkcs12 application.
     [Steve Henson]

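     The encoding difference behind the PKCS#12 entry above, as an added
     example that is not OpenSSL's own code: a password is turned into a
     BMPString with a terminating double NUL, so "" becomes the two bytes
     00 00 while NULL contributes nothing, and an importer that wants to
     read both Netscape and MSIE output has to try both forms. The function
     names are hypothetical, the encoder assumes an ASCII password (a real
     BMPString carries UCS-2 code units), and the two verifiers are
     constructed stand-ins for the MAC check that would run over the derived
     key.

```c
/*
 * Added example, not OpenSSL's own code: how a PKCS#12 password becomes
 * the BMPString fed to the key derivation, and the "try both" import
 * behaviour the entry describes.  Function names are hypothetical and the
 * encoder assumes an ASCII password (a real BMPString carries UCS-2).
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Encode an ASCII password as a PKCS#12 BMPString: each character becomes
 * a big-endian 16-bit code unit, followed by a terminating 16-bit zero.
 * Returns the number of bytes written, or (size_t)-1 if 'out' is too small.
 *
 * NULL means "no password at all" and yields 0 bytes, whereas "" yields
 * the two-byte terminator 00 00: the two inputs derive different keys.
 */
size_t pkcs12_bmp_password(const char *pass, uint8_t *out, size_t outlen)
{
    size_t i, n;

    if (pass == NULL)
        return 0;

    n = strlen(pass);
    if (outlen < 2 * n + 2)
        return (size_t)-1;

    for (i = 0; i < n; i++) {
        out[2 * i]     = 0x00;               /* high byte of the code unit */
        out[2 * i + 1] = (uint8_t)pass[i];   /* low byte: the ASCII char */
    }
    out[2 * n]     = 0x00;                   /* terminating double NUL */
    out[2 * n + 1] = 0x00;
    return 2 * n + 2;
}

/*
 * Import-side behaviour from the entry: a caller-supplied "" or NULL is
 * tried first as a zero-length BMPString (the Netscape form) and then as
 * no password at all (the MSIE export form).  'verify' stands in for the
 * MAC/decryption check that would run over the key derived from 'enc';
 * here it just receives the encoded password bytes.  Returns 1 if either
 * form is accepted, 0 otherwise.
 */
int pkcs12_try_password(const char *pass,
                        int (*verify)(const uint8_t *enc, size_t len))
{
    uint8_t buf[256];
    size_t len;

    if (pass != NULL && pass[0] != '\0') {
        len = pkcs12_bmp_password(pass, buf, sizeof buf);
        return len != (size_t)-1 && verify(buf, len);
    }

    len = pkcs12_bmp_password("", buf, sizeof buf);   /* 2 bytes: 00 00 */
    if (verify(buf, len))
        return 1;
    return verify(buf, 0);                            /* no password at all */
}

/* Constructed stand-ins for the MAC check: each accepts exactly one form. */
static int accepts_zero_length(const uint8_t *enc, size_t len)
{
    return len == 2 && enc[0] == 0x00 && enc[1] == 0x00;
}

static int accepts_no_password(const uint8_t *enc, size_t len)
{
    (void)enc;
    return len == 0;
}

int main(void)
{
    /* A file exported by MSIE with a blank password is accepted even though
     * the caller passes "" rather than NULL, and vice versa. */
    printf("\"\" against MSIE-style file: %d\n",
           pkcs12_try_password("", accepts_no_password));
    printf("NULL against NS-style file: %d\n",
           pkcs12_try_password(NULL, accepts_zero_length));
    return 0;
}
```

     A non-blank password is tried only in its own encoding; the fallback
     is limited to the "" / NULL case exactly as the entry describes, so
     callers supplying a real password do not get a second, weaker attempt
     with no password at all.
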
  *) Bugfixes in apps/x509.c: Avoid a memory leak; and don't use
     perror when PEM_read_bio_X509_REQ fails, the error message must
     be obtained from the error queue.
     [Bodo Moeller]

  *) Avoid 'thread_hash' memory leak in crypto/err/err.c by freeing
     it in ERR_remove_state if appropriate, and change ERR_get_state
     accordingly to avoid race conditions (this is necessary because
     thread_hash is no longer constant once set).
     [Bodo Moeller]

  *) Bugfix for linux-elf makefile.one.
     [Ulf Möller]

  *) RSA_get_default_method() will now cause a default
     RSA_METHOD to be chosen if one doesn't exist already.
     Previously this was only set during a call to RSA_new()
     or RSA_new_method(NULL) meaning it was possible for
     RSA_get_default_method() to return NULL.
     [Geoff Thorpe]

  *) Added native name translation to the existing DSO code
     that will convert (if the flag to do so is set) filenames
     that are sufficiently small and have no path information
     into a canonical native form. E.g. "blah" converted to
     "libblah.so" or "blah.dll" etc.
     [Geoff Thorpe]

  *) New function ERR_error_string_n(e, buf, len) which is like
     ERR_error_string(e, buf), but writes at most 'len' bytes
     including the 0 terminator.  For ERR_error_string_n, 'buf'
     may not be NULL.
     [Damien Miller <djm@mindrot.org>, Bodo Moeller]

  *) CONF library reworked to become more general.  A new CONF
     configuration file reader "class" is implemented as well as
     new functions (NCONF_*, for "New CONF") to handle it.  The now
     old CONF_* functions are still there, but are reimplemented to
     work in terms of the new functions.  Also, a set of functions
     to handle the internal storage of the configuration data is
     provided to make it easier to write new configuration file
     reader "classes" (I can definitely see something reading a
     configuration file in XML format, for example), called _CONF_*,
     or "the configuration storage API"...

     The new configuration file reading functions are:

        NCONF_new, NCONF_free, NCONF_load, NCONF_load_fp, NCONF_load_bio,
        NCONF_get_section, NCONF_get_string, NCONF_get_number

        NCONF_default, NCONF_WIN32

        NCONF_dump_fp, NCONF_dump_bio

     NCONF_default and NCONF_WIN32 are method (or "class") choosers,
     NCONF_new creates a new CONF object.  This works in the same way
     as other interfaces in OpenSSL, like the BIO interface.
     NCONF_dump_* dump the internal storage of the configuration file,
     which is useful for debugging.  All other functions take the same
     arguments as the old CONF_* functions with the exception of the
     first that must be a `CONF *' instead of a `LHASH *'.

     To make it easier to use the new classes with the old CONF_* functions,
     the function CONF_set_default_method is provided.
     [Richard Levitte]

  *) Add '-tls1' option to 'openssl ciphers', which was already
     mentioned in the documentation but had not been implemented.
     (This option is not yet really useful because even the additional
     experimental TLS 1.0 ciphers are currently treated as SSL 3.0 ciphers.)
     [Bodo Moeller]

  *) Initial DSO code added into libcrypto for letting OpenSSL (and
     OpenSSL-based applications) load shared libraries and bind to
     them in a portable way.
     [Geoff Thorpe, with contributions from Richard Levitte]

 Changes between 0.9.5 and 0.9.5a  [1 Apr 2000]

  *) Make sure _lrotl and _lrotr are only used with MSVC.

  *) Use lock CRYPTO_LOCK_RAND correctly in ssleay_rand_status
     (the default implementation of RAND_status).

  *) Rename openssl x509 option '-crlext', which was added in 0.9.5,
     to '-clrext' (= clear extensions), as intended and documented.
     [Bodo Moeller; inconsistency pointed out by Michael Attili
| 7578 | <atti li@amaxo.c om>] | 4676 | <atti li@amaxo.c om>] | |||
| 7579 | 4677 | |||||
| 7580 | *) Fix f or HMAC. I t wasn't z eroing the rest of t he block i f the key length | 4678 | *) Fix f or HMAC. I t wasn't z eroing the rest of t he block i f the key length | |||
| 7581 | was l arger than the MD bl ock size. | 4679 | was l arger than the MD bl ock size. | |||
| 7582 | [Stev e Henson, pointed ou t by Yost William <Y ostW@tce.c om>] | 4680 | [Stev e Henson, pointed ou t by Yost William <Y ostW@tce.c om>] | |||
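As an added illustration of the HMAC defect described in this entry (a Python model of the RFC 2104 key-preprocessing step, not OpenSSL's code): a key longer than the digest's block size is first hashed, and the block must then be zero-padded past the digest; leaving the remainder unzeroed, modelled here with a constructed 0xaa fill, produces a MAC that a conforming peer cannot verify.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # byte length of the MD5/SHA-1 compression block


def hmac_key_block(key: bytes, zero_rest: bool = True) -> bytes:
    """Build the block-sized key K' of RFC 2104 for SHA-1.

    zero_rest=True is the correct behaviour.  zero_rest=False models the
    defect this changelog entry fixes: a key longer than the block size is
    hashed, but the bytes of the block after the digest are not zeroed.
    The 0xaa fill is a constructed stand-in for whatever stale content the
    buffer held (it is not taken from OpenSSL).
    """
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha1(key).digest()  # 20 bytes
        if not zero_rest:
            return key + b"\xaa" * (BLOCK_SIZE - len(key))
    # keys at or below the block size are always zero-padded (unaffected by the bug)
    return key + b"\x00" * (BLOCK_SIZE - len(key))


def hmac_sha1(key: bytes, msg: bytes, zero_rest: bool = True) -> bytes:
    """HMAC-SHA1 per RFC 2104: H((K' ^ opad) || H((K' ^ ipad) || msg))."""
    k = hmac_key_block(key, zero_rest)
    ipad = bytes(b ^ 0x36 for b in k)
    opad = bytes(b ^ 0x5C for b in k)
    inner = hashlib.sha1(ipad + msg).digest()
    return hashlib.sha1(opad + inner).digest()


def matches_reference(key: bytes, msg: bytes, zero_rest: bool = True) -> bool:
    """True if our HMAC agrees with the standard library's HMAC-SHA1."""
    return hmac_sha1(key, msg, zero_rest) == hmac.new(key, msg, hashlib.sha1).digest()


if __name__ == "__main__":
    short_key = b"k" * 16   # constructed: fits in one block
    long_key = b"k" * 100   # constructed: longer than the block, so it gets hashed
    msg = b"constructed test message"
    print("short key, fixed:", matches_reference(short_key, msg))         # True
    print("short key, buggy:", matches_reference(short_key, msg, False))  # True
    print("long key, fixed: ", matches_reference(long_key, msg))          # True
    print("long key, buggy: ", matches_reference(long_key, msg, False))   # False
```

Only the long-key case diverges, which is exactly the condition the entry names: the defect is invisible with keys that fit in one block.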

  *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
     fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
     using the passed key: if the passed key was a private key the result
     of X509_print(), for example, would be to print out all the private key
     components.
     [Steve Henson]

  *) des_quad_cksum() byte order bug fix.
     [Ulf Möller, using the problem description in krb4-0.9.7, where
     the solution is attributed to Derrick J Brashear <shadow@DEMENTIA.ORG>]

  *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly
     discouraged.
     [Steve Henson, pointed out by Brian Korver <briank@cs.stanford.edu>]

  *) For easily testing in shell scripts whether some command
     'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
     returns with exit code 0 iff no command of the given name is available.
     'no-XXX' is printed in this case, 'XXX' otherwise.  In both cases,
     the output goes to stdout and nothing is printed to stderr.
     Additional arguments are always ignored.

     Since for each cipher there is a command of the same name,
     the 'no-cipher' compilation switches can be tested this way.

     ('openssl no-XXX' is not able to detect pseudo-commands such
     as 'quit', 'list-XXX-commands', or 'no-XXX' itself.)
     [Bodo Moeller]

  *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
     [Bodo Moeller]

  *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
     is set; it will be thrown away anyway because each handshake creates
     its own key.
     ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition
     to parameters -- in previous versions (since OpenSSL 0.9.3) the
     'default key' from SSL_CTX_set_tmp_dh would always be lost, meaning
     you effectively got SSL_OP_SINGLE_DH_USE when using this macro.
     [Bodo Moeller]

  *) New s_client option -ign_eof: EOF at stdin is ignored, and
     'Q' and 'R' lose their special meanings (quit/renegotiate).
     This is part of what -quiet does; unlike -quiet, -ign_eof
     does not suppress any output.
     [Richard Levitte]

  *) Add compatibility options to the purpose and trust code. The
     purpose X509_PURPOSE_ANY is "any purpose" which automatically
     accepts a certificate or CA, this was the previous behaviour,
     with all the associated security issues.

     X509_TRUST_COMPAT is the old trust behaviour: only and
     automatically trust self signed roots in certificate store. A
     new trust setting X509_TRUST_DEFAULT is used to specify that
     a purpose has no associated trust setting and it should instead
     use the value in the default purpose.
     [Steve Henson]

  *) Fix the PKCS#8 DSA private key code so it decodes keys again
     and fix a memory leak.
     [Steve Henson]

  *) In util/mkerr.pl (which implements 'make errors'), preserve
     reason strings from the previous version of the .c file, as
     the default to have only downcase letters (and digits) in
     automatically generated reasons codes is not always appropriate.
     [Bodo Moeller]

  *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table
     using strerror.  Previously, ERR_reason_error_string() returned
     library names as reason strings for SYSerr; but SYSerr is a special
     case where small numbers are errno values, not library numbers.
     [Bodo Moeller]

  *) Add '-dsaparam' option to 'openssl dhparam' application.  This
     converts DSA parameters into DH parameters. (When creating parameters,
     DSA_generate_parameters is used.)
     [Bodo Moeller]

  *) Include 'length' (recommended exponent length) in C code generated
     by 'openssl dhparam -C'.
     [Bodo Moeller]

  *) The second argument to set_label in perlasm was already being used
     so couldn't be used as a "file scope" flag. Moved to third argument
     which was free.
     [Steve Henson]

  *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
     instead of RAND_bytes for encryption IVs and salts.
     [Bodo Moeller]

  *) Include RAND_status() into RAND_METHOD instead of implementing
     it only for md_rand.c.  Otherwise replacing the PRNG by calling
     RAND_set_rand_method would be impossible.
     [Bodo Moeller]

  *) Don't let DSA_generate_key() enter an infinite loop if the random
     number generation fails.
     [Bodo Moeller]

  *) New 'rand' application for creating pseudo-random output.
     [Bodo Moeller]

  *) Added configuration support for Linux/IA64
     [Rolf Haberrecker <rolf@suse.de>]

  *) Assembler module support for Mingw32.
     [Ulf Möller]

  *) Shared library support for HPUX (in shlib/).
     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Anonymous]

  *) Shared library support for Solaris gcc.
     [Lutz Behnke <behnke@trustcenter.de>]

 Changes between 0.9.4 and 0.9.5  [28 Feb 2000]

  *) PKCS7_encrypt() was adding text MIME headers twice because they
     were added manually and by SMIME_crlf_copy().
     [Steve Henson]

  *) In bntest.c don't call BN_rand with zero bits argument.
     [Steve Henson, pointed out by Andrew W. Gray <agray@iconsinc.com>]

  *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n]
     case was implemented. This caused BN_div_recp() to fail occasionally.
     [Ulf Möller]

  *) Add an optional second argument to the set_label() in the perl
     assembly language builder. If this argument exists and is set
     to 1 it signals that the assembler should use a symbol whose
     scope is the entire file, not just the current function. This
     is needed with MASM which uses the format label:: for this scope.
     [Steve Henson, pointed out by Peter Runestig <peter@runestig.com>]

  *) Change the ASN1 types so they are typedefs by default. Before
     almost all types were #define'd to ASN1_STRING which was causing
     STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING)
     for example.
     [Steve Henson]

  *) Change names of new functions to the new get1/get0 naming
     convention: After 'get1', the caller owns a reference count
     and has to call ..._free; 'get0' returns a pointer to some
     data structure without incrementing reference counters.
     (Some of the existing 'get' functions increment a reference
     counter, some don't.)
     Similarly, 'set1' and 'add1' functions increase reference
     counters or duplicate objects.
     [Steve Henson]

  *) Allow for the possibility of temp RSA key generation failure:
     the code used to assume it always worked and crashed on failure.
     [Steve Henson]

  *) Fix potential buffer overrun problem in BIO_printf().
     [Ulf Möller, using public domain code by Patrick Powell; problem
     pointed out by David Sacerdote <das33@cornell.edu>]

  *) Support EGD <http://www.lothar.com/tech/crypto/>.  New functions
     RAND_egd() and RAND_status().  In the command line application,
     the EGD socket can be specified like a seed file using RANDFILE
     or -rand.
     [Ulf Möller]

  *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures.
     Some CAs (e.g. Verisign) distribute certificates in this form.
     [Steve Henson]

  *) Remove the SSL_ALLOW_ADH compile option and set the default cipher
     list to exclude them. This means that no special compilation option
     is needed to use anonymous DH: it just needs to be included in the
     cipher list.
     [Steve Henson]

  *) Change the EVP_MD_CTX_type macro so its meaning is consistent with
     EVP_MD_type. The old functionality is available in a new macro called
     EVP_MD_md(). Change code that uses it and update docs.
     [Steve Henson]

  *) ..._ctrl functions now have corresponding ..._callback_ctrl functions
     where the 'void *' argument is replaced by a function pointer argument.
     Previously 'void *' was abused to point to functions, which works on
     many platforms, but is not correct.  As these functions are usually
     called by macros defined in OpenSSL header files, most source code
     should work without changes.
     [Richard Levitte]

  *) <openssl/opensslconf.h> (which is created by Configure) now contains
     sections with information on -D... compiler switches used for
     compiling the library so that applications can see them.  To enable
     one of these sections, a pre-processor symbol OPENSSL_..._DEFINES
     must be defined.  E.g.,
             #define OPENSSL_ALGORITHM_DEFINES
             #include <openssl/opensslconf.h>
     defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc.
     [Richard Levitte, Ulf and Bodo Möller]

  *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS
     record layer.
     [Bodo Moeller]

  *) Change the 'other' type in certificate aux info to a STACK_OF
     X509_ALGOR. Although not an AlgorithmIdentifier as such it has
     the required ASN1 format: arbitrary types determined by an OID.
     [Steve Henson]

  *) Add some PEM_write_X509_REQ_NEW() functions and a command line
     argument to 'req'. This is not because the function is newer or
     better than others it just uses the word 'NEW' in the certificate
     request header lines. Some software needs this.
     [Steve Henson]

  *) Reorganise password command line arguments: now passwords can be
     obtained from various sources. Delete the PEM_cb function and make
     it the default behaviour: i.e. if the callback is NULL and the
     usrdata argument is not NULL interpret it as a null terminated pass
     phrase. If usrdata and the callback are NULL then the pass phrase
     is prompted for as usual.
     [Steve Henson]

  *) Add support for the Compaq Atalla crypto accelerator. If it is installed,
     the support is automatically enabled. The resulting binaries will
     autodetect the card and use it if present.
     [Ben Laurie and Compaq Inc.]

  *) Work around for Netscape hang bug. This sends certificate request
     and server done in one record. Since this is perfectly legal in the
     SSL/TLS protocol it isn't a "bug" option and is on by default. See
     the bugs/SSLv3 entry for more info.
     [Steve Henson]

  *) HP-UX tune-up: new unified configs, HP C compiler bug workaround.
     [Andy Polyakov]

  *) Add -rand argument to smime and pkcs12 applications and read/write
     of seed file.
     [Steve Henson]

  *) New 'passwd' tool for crypt(3) and apr1 password hashes.
     [Bodo Moeller]

  *) Add command line password options to the remaining applications.
     [Steve Henson]

  *) Bug fix for BN_div_recp() for numerators with an even number of
     bits.
     [Ulf Möller]

  *) More tests in bntest.c, and changed test_bn output.
     [Ulf Möller]

  *) ./config recognizes MacOS X now.
     [Andy Polyakov]

  *) Bug fix for BN_div() when the first words of num and divisor are
     equal (it gave wrong results if (rem=(n1-q*d0)&BN_MASK2) < d0).
     [Ulf Möller]

  *) Add support for various broken PKCS#8 formats, and command line
     options to produce them.
     [Steve Henson]

  *) New functions BN_CTX_start(), BN_CTX_get() and BN_CTX_end() to
     get temporary BIGNUMs from a BN_CTX.
     [Ulf Möller]

  *) Correct return values in BN_mod_exp_mont() and BN_mod_exp2_mont()
     for p == 0.
     [Ulf Möller]

  *) Change the SSLeay_add_all_*() functions to OpenSSL_add_all_*() and
     include a #define from the old name to the new. The original intent
     was that statically linked binaries could for example just call
     SSLeay_add_all_ciphers() to just add ciphers to the table and not
     link with digests. This never worked because SSLeay_add_all_digests()
     and SSLeay_add_all_ciphers() were in the same source file so calling
     one would link with the other. They are now in separate source files.
     [Steve Henson]

  *) Add a new -notext option to 'ca' and a -pubkey option to 'spkac'.
     [Steve Henson]

  *) Use a less unusual form of the Miller-Rabin primality test (it used
     a binary algorithm for exponentiation integrated into the Miller-Rabin
     loop, our standard modexp algorithms are faster).
     [Bodo Moeller]

  *) Support for the EBCDIC character set completed.
     [Martin Kraemer <Martin.Kraemer@Mch.SNI.De>]

  *) Source code cleanups: use const where appropriate, eliminate casts,
     use void * instead of char * in lhash.
     [Ulf Möller]

  *) Bugfix: ssl3_send_server_key_exchange was not restartable
| 7882 | (the state was not change d to SSL3_ ST_SW_KEY_ EXCH_B, an d because of | 4980 | (the state was not change d to SSL3_ ST_SW_KEY_ EXCH_B, an d because of | |||
| 7883 | this the server could ove rwrite eph emeral key s that the client | 4981 | this the server could ove rwrite eph emeral key s that the client | |||
| 7884 | has a lready see n). | 4982 | has a lready see n). | |||
| 7885 | [Bodo Moeller] | 4983 | [Bodo Moeller] | |||
| 7886 | 4984 | |||||
| 7887 | *) Turn DSA_is_pri me into a macro that calls BN_ is_prime, | 4985 | *) Turn DSA_is_pri me into a macro that calls BN_ is_prime, | |||
| 7888 | using 50 iterat ions of th e Rabin-Mi ller test. | 4986 | using 50 iterat ions of th e Rabin-Mi ller test. | |||
| 7889 | 4987 | |||||
| 7890 | DSA_g enerate_pa rameters n ow uses BN _is_prime_ fasttest ( with 50 | 4988 | DSA_g enerate_pa rameters n ow uses BN _is_prime_ fasttest ( with 50 | |||
| 7891 | itera tions of t he Rabin-M iller test as requir ed by the appendix | 4989 | itera tions of t he Rabin-M iller test as requir ed by the appendix | |||
| 7892 | to FI PS PUB 186 [-1]) inst ead of DSA _is_prime. | 4990 | to FI PS PUB 186 [-1]) inst ead of DSA _is_prime. | |||
| 7893 | As BN _is_prime_ fasttest i ncludes tr ial divisi on, DSA pa rameter | 4991 | As BN _is_prime_ fasttest i ncludes tr ial divisi on, DSA pa rameter | |||
| 7894 | gener ation beco mes much f aster. | 4992 | gener ation beco mes much f aster. | |||
| 7895 | 4993 | |||||
| 7896 | This implies a change for the callb ack functi ons in DSA _is_prime | 4994 | This implies a change for the callb ack functi ons in DSA _is_prime | |||
| 7897 | and D SA_generat e_paramete rs: The ca llback fun ction is c alled once | 4995 | and D SA_generat e_paramete rs: The ca llback fun ction is c alled once | |||
| 7898 | for e ach positi ve witness in the Ra bin-Miller test, not just | 4996 | for e ach positi ve witness in the Ra bin-Miller test, not just | |||
| 7899 | occas ionally in the inner loop; and the param eters to t he | 4997 | occas ionally in the inner loop; and the param eters to t he | |||
| 7900 | callb ack functi on now pro vide an it eration co unt for th e outer | 4998 | callb ack functi on now pro vide an it eration co unt for th e outer | |||
| 7901 | loop rather tha n for the current in vocation o f the inne r loop. | 4999 | loop rather tha n for the current in vocation o f the inne r loop. | |||
| 7902 | DSA_g enerate_pa rameters a dditionall y can call the callb ack | 5000 | DSA_g enerate_pa rameters a dditionall y can call the callb ack | |||
| 7903 | funct ion with a n 'iterati on count' of -1, mea ning that a | 5001 | funct ion with a n 'iterati on count' of -1, mea ning that a | |||
| 7904 | candi date has p assed the trial divi sion test (when q is generated | 5002 | candi date has p assed the trial divi sion test (when q is generated | |||
| 7905 | from an applica tion-provi ded seed, trial divi sion is sk ipped). | 5003 | from an applica tion-provi ded seed, trial divi sion is sk ipped). | |||
| 7906 | [Bodo Moeller] | 5004 | [Bodo Moeller] | |||
| 7907 | 5005 | |||||
| 7908 | *) New f unction BN _is_prime_ fasttest t hat option ally does trial | 5006 | *) New f unction BN _is_prime_ fasttest t hat option ally does trial | |||
| 7909 | divis ion before starting the Rabin- Miller tes t and has | 5007 | divis ion before starting the Rabin- Miller tes t and has | |||
| 7910 | an ad ditional B N_CTX * ar gument (wh ereas BN_i s_prime al ways | 5008 | an ad ditional B N_CTX * ar gument (wh ereas BN_i s_prime al ways | |||
| 7911 | has t o allocate at least one BN_CTX ). | 5009 | has t o allocate at least one BN_CTX ). | |||
| 7912 | 'call back(1, -1 , cb_arg)' is called when a nu mber has p assed the | 5010 | 'call back(1, -1 , cb_arg)' is called when a nu mber has p assed the | |||
| 7913 | trial division stage. | 5011 | trial division stage. | |||
| 7914 | [Bodo Moeller] | 5012 | [Bodo Moeller] | |||
| 7915 | 5013 | |||||
| 7916 | *) Fix f or bug in CRL encodi ng. The va lidity dat es weren't being han dled | 5014 | *) Fix f or bug in CRL encodi ng. The va lidity dat es weren't being han dled | |||
| 7917 | as AS N1_TIME. | 5015 | as AS N1_TIME. | |||
| 7918 | [Stev e Henson] | 5016 | [Stev e Henson] | |||
| 7919 | 5017 | |||||
| 7920 | *) New - pkcs12 opt ion to CA. pl script to write o ut a PKCS# 12 file. | 5018 | *) New - pkcs12 opt ion to CA. pl script to write o ut a PKCS# 12 file. | |||
| 7921 | [Stev e Henson] | 5019 | [Stev e Henson] | |||
| 7922 | 5020 | |||||
| 7923 | *) New f unction BN _pseudo_ra nd(). | 5021 | *) New f unction BN _pseudo_ra nd(). | |||
| 7924 | [Ulf Möller] | 5022 | [Ulf Möller] | |||
| 7925 | 5023 | |||||
| 7926 | *) Clean up BN_mod _mul_montg omery(): r eplace the broken (a nd unreada ble) | 5024 | *) Clean up BN_mod _mul_montg omery(): r eplace the broken (a nd unreada ble) | |||
| 7927 | bignu m version of BN_from _montgomer y() with t he working code from | 5025 | bignu m version of BN_from _montgomer y() with t he working code from | |||
| 7928 | SSLea y 0.9.0 (t he word ba sed versio n is faste r anyway), and clean up | 5026 | SSLea y 0.9.0 (t he word ba sed versio n is faste r anyway), and clean up | |||
| 7929 | the c omments. | 5027 | the c omments. | |||
| 7930 | [Ulf Möller] | 5028 | [Ulf Möller] | |||
| 7931 | 5029 | |||||
| 7932 | *) Avoid a race co ndition in s2_clnt.c (function get_serve r_hello) t hat | 5030 | *) Avoid a race co ndition in s2_clnt.c (function get_serve r_hello) t hat | |||
| 7933 | made it impossi ble to use the same SSL_SESSIO N data str ucture in | 5031 | made it impossi ble to use the same SSL_SESSIO N data str ucture in | |||
| 7934 | SSL2 clients in multiple threads. | 5032 | SSL2 clients in multiple threads. | |||
| 7935 | [Bodo Moeller] | 5033 | [Bodo Moeller] | |||
| 7936 | 5034 | |||||
| 7937 | *) The r eturn valu e of RAND_ load_file( ) no longe r counts b ytes obtai ned | 5035 | *) The r eturn valu e of RAND_ load_file( ) no longe r counts b ytes obtai ned | |||
| 7938 | by st at(). RAN D_load_fil e(..., -1) is new an d uses the complete file | 5036 | by st at(). RAN D_load_fil e(..., -1) is new an d uses the complete file | |||
| 7939 | to se ed the PRN G (previou sly an exp licit byte count was required) . | 5037 | to se ed the PRN G (previou sly an exp licit byte count was required) . | |||
| 7940 | [Ulf Möller, Bo do Möller] | 5038 | [Ulf Möller, Bo do Möller] | |||
| 7941 | 5039 | |||||
| 7942 | *) Clean up CRYPTO _EX_DATA f unctions, some of th ese didn't have prot otypes | 5040 | *) Clean up CRYPTO _EX_DATA f unctions, some of th ese didn't have prot otypes | |||
| 7943 | used (char *) i nstead of (void *) a nd had cas ts all ove r the plac e. | 5041 | used (char *) i nstead of (void *) a nd had cas ts all ove r the plac e. | |||
| 7944 | [Stev e Henson] | 5042 | [Stev e Henson] | |||
| 7945 | 5043 | |||||
| 7946 | *) Make BN_generat e_prime() return NUL L on error if ret!=N ULL. | 5044 | *) Make BN_generat e_prime() return NUL L on error if ret!=N ULL. | |||
| 7947 | [Ulf Möller] | 5045 | [Ulf Möller] | |||
| 7948 | 5046 | |||||
| 7949 | *) Retai n source c ode compat ibility fo r BN_prime _checks ma cro: | 5047 | *) Retai n source c ode compat ibility fo r BN_prime _checks ma cro: | |||
| 7950 | BN_is _prime(... , BN_prime _checks, . ..) now us es | 5048 | BN_is _prime(... , BN_prime _checks, . ..) now us es | |||
| 7951 | BN_pr ime_checks _for_size to determi ne the app ropriate n umber of | 5049 | BN_pr ime_checks _for_size to determi ne the app ropriate n umber of | |||
| 7952 | Rabin -Miller it erations. | 5050 | Rabin -Miller it erations. | |||
| 7953 | [Ulf Möller] | 5051 | [Ulf Möller] | |||
| 7954 | 5052 | |||||
| 7955 | *) Diffi e-Hellman uses "safe " primes: DH_check() return co de renamed to | 5053 | *) Diffi e-Hellman uses "safe " primes: DH_check() return co de renamed to | |||
| 7956 | DH_CH ECK_P_NOT_ SAFE_PRIME . | 5054 | DH_CH ECK_P_NOT_ SAFE_PRIME . | |||
| 7957 | (Chec k if this is true? O penPGP cal ls them "s trong".) | 5055 | (Chec k if this is true? O penPGP cal ls them "s trong".) | |||
| 7958 | [Ulf Möller] | 5056 | [Ulf Möller] | |||
| 7959 | 5057 | |||||
| 7960 | *) Merge the funct ionality o f "dh" and "gendh" p rograms in to a new p rogram | 5058 | *) Merge the funct ionality o f "dh" and "gendh" p rograms in to a new p rogram | |||
| 7961 | "dhpa ram". The old progra ms are ret ained for now but wi ll handle DH keys | 5059 | "dhpa ram". The old progra ms are ret ained for now but wi ll handle DH keys | |||
| 7962 | (inst ead of par ameters) i n future. | 5060 | (inst ead of par ameters) i n future. | |||
| 7963 | [Stev e Henson] | 5061 | [Stev e Henson] | |||
| 7964 | 5062 | |||||
| 7965 | *) Make the cipher s, s_serve r and s_cl ient progr ams check the return values | 5063 | *) Make the cipher s, s_serve r and s_cl ient progr ams check the return values | |||
| 7966 | when a new ciph er list is set. | 5064 | when a new ciph er list is set. | |||
| 7967 | [Stev e Henson] | 5065 | [Stev e Henson] | |||
| 7968 | 5066 | |||||
| 7969 | *) Enhan ce the SSL /TLS ciphe r mechanis m to corre ctly handl e the TLS 56bit | 5067 | *) Enhan ce the SSL /TLS ciphe r mechanis m to corre ctly handl e the TLS 56bit | |||
| 7970 | ciphe rs. Before when the 56bit ciph ers were e nabled the sorting w as | 5068 | ciphe rs. Before when the 56bit ciph ers were e nabled the sorting w as | |||
| 7971 | wrong . | 5069 | wrong . | |||
| 7972 | 5070 | |||||
| 7973 | The s yntax for the cipher sorting h as been ex tended to support so rting by | 5071 | The s yntax for the cipher sorting h as been ex tended to support so rting by | |||
| 7974 | ciphe r-strength (using th e strength _bits hard coded in the tables ). | 5072 | ciphe r-strength (using th e strength _bits hard coded in the tables ). | |||
| 7975 | The n ew command is "@STRE NGTH" (see also doc/ apps/ciphe rs.pod). | 5073 | The n ew command is "@STRE NGTH" (see also doc/ apps/ciphe rs.pod). | |||
| 7976 | 5074 | |||||
| 7977 | Fix a bug in th e cipher-c ommand par ser: when supplying a cipher c ommand | 5075 | Fix a bug in th e cipher-c ommand par ser: when supplying a cipher c ommand | |||
| 7978 | strin g with an "undefined " symbol ( neither co mmand nor alphanumer ic | 5076 | strin g with an "undefined " symbol ( neither co mmand nor alphanumer ic | |||
| 7979 | [A-Za -z0-9], ss l_set_ciph er_list us ed to hang in an end less loop. Now | 5077 | [A-Za -z0-9], ss l_set_ciph er_list us ed to hang in an end less loop. Now | |||
| 7980 | an er ror is fla gged. | 5078 | an er ror is fla gged. | |||
| 7981 | 5079 | |||||
| 7982 | Due t o the stre ngth-sorti ng extensi on, the co de of the | 5080 | Due t o the stre ngth-sorti ng extensi on, the co de of the | |||
| 7983 | ssl_c reate_ciph er_list() function w as complet ely rearra nged. I ho pe that | 5081 | ssl_c reate_ciph er_list() function w as complet ely rearra nged. I ho pe that | |||
| 7984 | the r eadability was also increased :-) | 5082 | the r eadability was also increased :-) | |||
| 7985 | [Lutz Jaenicke <Lutz.Jaen icke@aet.T U-Cottbus. DE>] | 5083 | [Lutz Jaenicke <Lutz.Jaen icke@aet.T U-Cottbus. DE>] | |||
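The two parser behaviours in the entry above, the "@STRENGTH" sort and the rejection of an undefined symbol instead of an endless loop, as an added example. This is not OpenSSL's ssl_create_cipher_list() and not from the changelog: the cipher table, its strength_bits values, and the names create_cipher_list() and cipher_list_matches() are constructed for this illustration.

```c
/* Added example, not OpenSSL code: a minimal cipher-string parser over a
 * constructed cipher table. "@STRENGTH" sorts the selected list by
 * strength_bits; a token that is neither a command nor made of [A-Za-z0-9-]
 * is reported as an error rather than looping forever. */
#include <stdio.h>
#include <string.h>
#include <ctype.h>

typedef struct { const char *name; int strength_bits; } cipher_t;

/* Constructed table; strength_bits are illustrative, not OpenSSL's exact values. */
static const cipher_t CIPHER_TABLE[] = {
    {"EXP-RC4-MD5",   40},
    {"DES-CBC-SHA",   56},
    {"DES-CBC3-SHA", 112},
    {"RC4-MD5",      128},
};
#define N_CIPHERS (sizeof CIPHER_TABLE / sizeof CIPHER_TABLE[0])
#define MAX_LIST  16

static const cipher_t *lookup(const char *tok, size_t len)
{
    for (size_t i = 0; i < N_CIPHERS; i++)
        if (strlen(CIPHER_TABLE[i].name) == len &&
            strncmp(CIPHER_TABLE[i].name, tok, len) == 0)
            return &CIPHER_TABLE[i];
    return NULL;
}

/* A well-formed cipher word is alphanumeric, with '-' allowed inside names. */
static int token_is_wellformed(const char *tok, size_t len)
{
    for (size_t i = 0; i < len; i++)
        if (!isalnum((unsigned char)tok[i]) && tok[i] != '-') return 0;
    return 1;
}

/* Stable insertion sort, strongest first; equal strengths keep their order. */
static void sort_by_strength(const cipher_t **list, int n)
{
    for (int i = 1; i < n; i++) {
        const cipher_t *key = list[i];
        int j = i - 1;
        for (; j >= 0 && list[j]->strength_bits < key->strength_bits; j--)
            list[j + 1] = list[j];
        list[j + 1] = key;
    }
}

/* Parses a ':'-separated cipher string into out[]. Returns the number of
 * ciphers selected, or -1 when a token contains an undefined symbol.
 * Unknown but well-formed names are skipped, as OpenSSL does. */
int create_cipher_list(const char *spec, const cipher_t **out, int max)
{
    int n = 0;
    const char *p = spec;
    while (*p) {
        const char *end = p;
        while (*end && *end != ':') end++;
        size_t len = (size_t)(end - p);
        if (len == 9 && strncmp(p, "@STRENGTH", 9) == 0) {
            sort_by_strength(out, n);
        } else if (!token_is_wellformed(p, len)) {
            return -1;                      /* undefined symbol: flag an error */
        } else if (len > 0) {
            const cipher_t *c = lookup(p, len);
            int dup = 0;
            for (int i = 0; c && i < n; i++) if (out[i] == c) dup = 1;
            if (c && !dup) {
                if (n >= max) return -1;
                out[n++] = c;
            }
        }
        p = *end ? end + 1 : end;           /* always advances: no endless loop */
    }
    return n;
}

/* Builds the list for spec and compares it with expected ("A:B:C").
 * Returns 1 on match, 0 on mismatch, -1 if the spec was rejected. */
int cipher_list_matches(const char *spec, const char *expected)
{
    const cipher_t *list[MAX_LIST];
    char joined[256] = "";
    int n = create_cipher_list(spec, list, MAX_LIST);
    if (n < 0) return -1;
    for (int i = 0; i < n; i++) {
        if (i) strcat(joined, ":");
        strcat(joined, list[i]->name);
    }
    return strcmp(joined, expected) == 0;
}

int main(void)
{
    const char *ok = "DES-CBC-SHA:RC4-MD5:EXP-RC4-MD5:@STRENGTH";
    printf("%s -> %s\n", ok, cipher_list_matches(ok, "RC4-MD5:DES-CBC-SHA:EXP-RC4-MD5") ? "sorted by strength" : "unexpected order");
    printf("RC4-MD5:$$$ -> %s\n", create_cipher_list("RC4-MD5:$$$", (const cipher_t *[MAX_LIST]){0}, MAX_LIST) < 0 ? "error flagged" : "accepted");
    return 0;
}
```

The invariant that matters is the last line of the loop: the cursor moves past every token regardless of its content, so a malformed token can only produce an error return, never a stall. The sort is stable on purpose, so ciphers of equal strength keep the relative order the string gave them.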

  *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1
     for the first serial number and places 2 in the serial number file. This
     avoids problems when the root CA is created with serial number zero and
     the first user certificate has the same issuer name and serial number
     as the root CA.
     [Steve Henson]

  *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses
     the new code. Add documentation for this stuff.
     [Steve Henson]

  *) Changes to X509_ATTRIBUTE utilities. These have been renamed from
     X509_*() to X509at_*() on the grounds that they don't handle X509
     structures and behave in an analogous way to the X509v3 functions:
     they shouldn't be called directly but wrapper functions should be used
     instead.

     So we also now have some wrapper functions that call the X509at functions
     when passed certificate requests. (TO DO: similar things can be done with
     PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other
     things. Some of these need some d2i or i2d and print functionality
     because they handle more complex structures.)
     [Steve Henson]

  *) Add missing #ifndefs that caused missing symbols when building libssl
     as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
     NO_RSA in ssl/s2*.c.
     [Kris Kennaway <kris@hub.freebsd.org>, modified by Ulf Möller]

  *) Precautions against using the PRNG uninitialized: RAND_bytes() now
     has a return value which indicates the quality of the random data
     (1 = ok, 0 = not seeded). Also an error is recorded on the thread's
     error queue. New function RAND_pseudo_bytes() generates output that is
     guaranteed to be unique but not unpredictable. RAND_add is like
     RAND_seed, but takes an extra argument for an entropy estimate
     (RAND_seed always assumes full entropy).
     [Ulf Möller]

  *) Do more iterations of Rabin-Miller probable prime test (specifically,
     3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
     instead of only 2 for all lengths; see BN_prime_checks_for_size definition
     in crypto/bn/bn_prime.c for the complete table).  This guarantees a
     false-positive rate of at most 2^-80 for random input.
     [Bodo Moeller]

  *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs.
     [Bodo Moeller]

  *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain
     in the 0.9.5 release), this returns the chain
     from an X509_CTX structure with a dup of the stack and all
     the X509 reference counts upped: so the stack will exist
     after X509_CTX_cleanup() has been called. Modify pkcs12.c
     to use this.

     Also make SSL_SESSION_print() print out the verify return
     code.
     [Steve Henson]

  *) Add manpage for the pkcs12 command. Also change the default
     behaviour so MAC iteration counts are used unless the new
     -nomaciter option is used. This improves file security and
     only older versions of MSIE (4.0 for example) need it.
     [Steve Henson]

  *) Honor the no-xxx Configure options when creating .DEF files.
     [Ulf Möller]

  *) Add PKCS#10 attributes to field table: challengePassword,
     unstructuredName and unstructuredAddress. These are taken from
     draft PKCS#9 v2.0 but are compatible with v1.2 provided no
     international characters are used.

     More changes to X509_ATTRIBUTE code: allow the setting of types
     based on strings. Remove the 'loc' parameter when adding
     attributes because these will be a SET OF encoding which is sorted
     in ASN1 order.
     [Steve Henson]

  *) Initial changes to the 'req' utility to allow request generation
     automation. This will allow an application to just generate a template
     file containing all the field values and have req construct the
     request.

     Initial support for X509_ATTRIBUTE handling. Stacks of these are
     used all over the place including certificate requests and PKCS#7
     structures. They are currently handled manually where necessary with
     some primitive wrappers for PKCS#7. The new functions behave in a
     manner analogous to the X509 extension functions: they allow
     attributes to be looked up by NID and added.

     Later something similar to the X509V3 code would be desirable to
     automatically handle the encoding, decoding and printing of the
     more complex types. The string types like challengePassword can
     be handled by the string table functions.

     Also modified the multi byte string table handling. Now there is
     a 'global mask' which masks out certain types. The table itself
     can use the flag STABLE_NO_MASK to ignore the mask setting: this
     is useful when for example there is only one permissible type
     (as in countryName) and using the mask might result in no valid
     types at all.
     [Steve Henson]

  *) Clean up 'Finished' handling, and add functions SSL_get_finished and
     SSL_get_peer_finished to allow applications to obtain the latest
     Finished messages sent to the peer or expected from the peer,
     respectively.  (SSL_get_peer_finished is usually the Finished message
     actually received from the peer, otherwise the protocol will be aborted.)

     As the Finished messages are message digests of the complete handshake
     (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
     be used for external authentication procedures when the authentication
     provided by SSL/TLS is not desired or is not enough.
     [Bodo Moeller]

  *) Enhanced support for Alpha Linux is added. Now ./config checks if
     the host supports BWX extension and if Compaq C is present on the
     $PATH. Just exploiting the BWX extension results in 20-30%
     performance kick for some algorithms, e.g. DES and RC4 to mention
     a couple. Compaq C in turn generates ~20% faster code for MD5 and
     SHA1.
     [Andy Polyakov]

  *) Add support for MS "fast SGC". This is arguably a violation of the
     SSL3/TLS protocol. Netscape SGC does two handshakes: the first with
     weak crypto and after checking the certificate is SGC a second one
     with strong crypto. MS SGC stops the first handshake after receiving
     the server certificate message and sends a second client hello. Since
     a server will typically do all the time consuming operations before
     expecting any further messages from the client (server key exchange
     is the most expensive) there is little difference between the two.

     To get OpenSSL to support MS SGC we have to permit a second client
     hello message after we have sent server done. In addition we have to
     reset the MAC if we do get this second client hello.
     [Steve Henson]

  *) Add a function 'd2i_AutoPrivateKey()'; this will automatically decide
     if a DER encoded private key is RSA or DSA traditional format. Changed
     d2i_PrivateKey_bio() to use it. This is only needed for the "traditional"
     format DER encoded private key. Newer code should use PKCS#8 format which
     has the key type encoded in the ASN1 structure. Added DER private key
     support to pkcs8 application.
     [Steve Henson]

  *) SSL 3/TLS 1 servers now don't request certificates when an anonymous
     ciphersuite has been selected (as required by the SSL 3/TLS 1
     specifications).  Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT
     is set, we interpret this as a request to violate the specification
     (the worst that can happen is a handshake failure, and 'correct'
     behaviour would result in a handshake failure anyway).
     [Bodo Moeller]

  *) In SSL_CTX_add_session, take into account that there might be multiple
     SSL_SESSION structures with the same session ID (e.g. when two threads
     concurrently obtain them from an external cache).
     The internal cache can handle only one SSL_SESSION with a given ID,
     so if there's a conflict, we now throw out the old one to achieve
     consistency.
     [Bodo Moeller]

  *) Add OIDs for idea and blowfish in CBC mode. This will allow both
     to be used in PKCS#5 v2.0 and S/MIME.  Also add checking to
     some routines that use cipher OIDs: some ciphers do not have OIDs
     defined and so they cannot be used for S/MIME and PKCS#5 v2.0 for
     example.
     [Steve Henson]

  *) Simplify the trust setting structure and code. Now we just have
     two sequences of OIDs for trusted and rejected settings. These will
     typically have values the same as the extended key usage extension
| 8159 | and a ny applica tion speci fic purpos es. | 5257 | and a ny applica tion speci fic purpos es. | |||
| 8160 | 5258 | |||||
| 8161 | The t rust check ing code n ow has a d efault beh aviour: it will just | 5259 | The t rust check ing code n ow has a d efault beh aviour: it will just | |||
| 8162 | check for an ob ject with the same N ID as the passed id. Functions can | 5260 | check for an ob ject with the same N ID as the passed id. Functions can | |||
| 8163 | be pr ovided to override e ither the default be haviour or the behav iour | 5261 | be pr ovided to override e ither the default be haviour or the behav iour | |||
| 8164 | for a given id. SSL clien t, server and email already ha ve functio ns | 5262 | for a given id. SSL clien t, server and email already ha ve functio ns | |||
| 8165 | in pl ace for co mpatibilit y: they ch eck the NI D and also return "t rusted" | 5263 | in pl ace for co mpatibilit y: they ch eck the NI D and also return "t rusted" | |||
| 8166 | if th e certific ate is sel f signed. | 5264 | if th e certific ate is sel f signed. | |||
| 8167 | [Stev e Henson] | 5265 | [Stev e Henson] | |||
| 8168 | 5266 | |||||
| 8169 | *) Add d 2i,i2d bio /fp functi ons for Pr ivateKey: these conv ert the | 5267 | *) Add d 2i,i2d bio /fp functi ons for Pr ivateKey: these conv ert the | |||
| 8170 | tradi tional for mat into a n EVP_PKEY structure . | 5268 | tradi tional for mat into a n EVP_PKEY structure . | |||
| 8171 | [Stev e Henson] | 5269 | [Stev e Henson] | |||
| 8172 | 5270 | |||||
| 8173 | *) Add a password callback f unction PE M_cb() whi ch either prompts fo r | 5271 | *) Add a password callback f unction PE M_cb() whi ch either prompts fo r | |||
| 8174 | a pas sword if u sr_data is NULL or o therwise a ssumes it is a null | 5272 | a pas sword if u sr_data is NULL or o therwise a ssumes it is a null | |||
| 8175 | termi nated pass word. Allo w password s to be pa ssed on co mmand line | 5273 | termi nated pass word. Allo w password s to be pa ssed on co mmand line | |||
| 8176 | envir onment or config fil es in a fe w more uti lities. | 5274 | envir onment or config fil es in a fe w more uti lities. | |||
| 8177 | [Stev e Henson] | 5275 | [Stev e Henson] | |||
| 8178 | 5276 | |||||
| 8179 | *) Add a bunch of DER and PE M function s to handl e PKCS#8 f ormat priv ate | 5277 | *) Add a bunch of DER and PE M function s to handl e PKCS#8 f ormat priv ate | |||
| 8180 | keys. Add some short name s for PKCS #8 PBE alg orithms an d allow th em | 5278 | keys. Add some short name s for PKCS #8 PBE alg orithms an d allow th em | |||
| 8181 | to be specified on the co mmand line for the p kcs8 and p kcs12 util ities. | 5279 | to be specified on the co mmand line for the p kcs8 and p kcs12 util ities. | |||
| 8182 | Updat e document ation. | 5280 | Updat e document ation. | |||
| 8183 | [Stev e Henson] | 5281 | [Stev e Henson] | |||
| 8184 | 5282 | |||||
| 8185 | *) Suppo rt for ASN 1 "NULL" t ype. This could be h andled bef ore by usi ng | 5283 | *) Suppo rt for ASN 1 "NULL" t ype. This could be h andled bef ore by usi ng | |||
| 8186 | ASN1_ TYPE but t here wasn' t any func tion that would try to read a NULL | 5284 | ASN1_ TYPE but t here wasn' t any func tion that would try to read a NULL | |||
| 8187 | and p roduce an error if i t couldn't . For comp atibility we also ha ve | 5285 | and p roduce an error if i t couldn't . For comp atibility we also ha ve | |||
| 8188 | ASN1_ NULL_new() and ASN1_ NULL_free( ) function s but thes e are fake d and | 5286 | ASN1_ NULL_new() and ASN1_ NULL_free( ) function s but thes e are fake d and | |||
| 8189 | don't allocate anything b ecause the y don't ne ed to. | 5287 | don't allocate anything b ecause the y don't ne ed to. | |||
| 8190 | [Stev e Henson] | 5288 | [Stev e Henson] | |||
| 8191 | 5289 | |||||
| 8192 | *) Initi al support for MacOS is now pr ovided. Ex amine INST ALL.MacOS | 5290 | *) Initi al support for MacOS is now pr ovided. Ex amine INST ALL.MacOS | |||
| 8193 | for d etails. | 5291 | for d etails. | |||
| 8194 | [Andy Polyakov, Roy Woods <roy@cent icsystems. ca>] | 5292 | [Andy Polyakov, Roy Woods <roy@cent icsystems. ca>] | |||
| 8195 | 5293 | |||||
| 8196 | *) Rebui ld of the memory all ocation ro utines use d by OpenS SL code an d | 5294 | *) Rebui ld of the memory all ocation ro utines use d by OpenS SL code an d | |||
| 8197 | possi bly others as well. The purpo se is to m ake an int erface tha t | 5295 | possi bly others as well. The purpo se is to m ake an int erface tha t | |||
| 8198 | provi de hooks s o anyone c an build a separate set of all ocation an d | 5296 | provi de hooks s o anyone c an build a separate set of all ocation an d | |||
| 8199 | deall ocation ro utines to be used by OpenSSL, for exampl e memory | 5297 | deall ocation ro utines to be used by OpenSSL, for exampl e memory | |||
| 8200 | pool implementa tions, or something else, whic h was prev iously har d | 5298 | pool implementa tions, or something else, whic h was prev iously har d | |||
| 8201 | since Malloc(), Realloc() and Free( ) were def ined as ma cros havin g | 5299 | since Malloc(), Realloc() and Free( ) were def ined as ma cros havin g | |||
| 8202 | the v alues mall oc, reallo c and free , respecti vely (exce pt for Win 32 | 5300 | the v alues mall oc, reallo c and free , respecti vely (exce pt for Win 32 | |||
| 8203 | compi lations). The same is provide d for memo ry debuggi ng code. | 5301 | compi lations). The same is provide d for memo ry debuggi ng code. | |||
| 8204 | OpenS SL already comes wit h function ality to f ind memory leaks, bu t | 5302 | OpenS SL already comes wit h function ality to f ind memory leaks, bu t | |||
| 8205 | this gives peop le a chanc e to debug other mem ory proble ms. | 5303 | this gives peop le a chanc e to debug other mem ory proble ms. | |||
| 8206 | 5304 | |||||
| 8207 | With these chan ges, a new set of fu nctions an d macros h ave appear ed: | 5305 | With these chan ges, a new set of fu nctions an d macros h ave appear ed: | |||
| 8208 | 5306 | |||||
| 8209 | CRY PTO_set_me m_debug_fu nctions() [F ] | 5307 | CRY PTO_set_me m_debug_fu nctions() [F ] | |||
| 8210 | CRY PTO_get_me m_debug_fu nctions() [F ] | 5308 | CRY PTO_get_me m_debug_fu nctions() [F ] | |||
| 8211 | CRY PTO_dbg_se t_options( ) [F ] | 5309 | CRY PTO_dbg_se t_options( ) [F ] | |||
| 8212 | CRY PTO_dbg_ge t_options( ) [F ] | 5310 | CRY PTO_dbg_ge t_options( ) [F ] | |||
| 8213 | CRY PTO_malloc _debug_ini t() [M ] | 5311 | CRY PTO_malloc _debug_ini t() [M ] | |||
| 8214 | 5312 | |||||
| 8215 | The m emory debu g function s are NULL by defaul t, unless the librar y | 5313 | The m emory debu g function s are NULL by defaul t, unless the librar y | |||
| 8216 | is co mpiled wit h CRYPTO_M DEBUG or f riends is defined. If someone | 5314 | is co mpiled wit h CRYPTO_M DEBUG or f riends is defined. If someone | |||
| 8217 | wants to debug memory any way, CRYPT O_malloc_d ebug_init( ) (which | 5315 | wants to debug memory any way, CRYPT O_malloc_d ebug_init( ) (which | |||
| 8218 | gives the stand ard debugg ing functi ons that c ome with O penSSL) or | 5316 | gives the stand ard debugg ing functi ons that c ome with O penSSL) or | |||
| 8219 | CRYPT O_set_mem_ debug_func tions() (t ells OpenS SL to use functions | 5317 | CRYPT O_set_mem_ debug_func tions() (t ells OpenS SL to use functions | |||
| 8220 | provi ded by the library u ser) must be used. When the s tandard | 5318 | provi ded by the library u ser) must be used. When the s tandard | |||
| 8221 | debug ging funct ions are u sed, CRYPT O_dbg_set_ options ca n be used to | 5319 | debug ging funct ions are u sed, CRYPT O_dbg_set_ options ca n be used to | |||
| 8222 | reque st additio nal inform ation: | 5320 | reque st additio nal inform ation: | |||
| 8223 | CRYPT O_dbg_set_ options(V_ CYRPTO_MDE BUG_xxx) c orresponds to settin g | 5321 | CRYPT O_dbg_set_ options(V_ CYRPTO_MDE BUG_xxx) c orresponds to settin g | |||
| 8224 | the C RYPTO_MDEB UG_xxx mac ro when co mpiling th e library. | 5322 | the C RYPTO_MDEB UG_xxx mac ro when co mpiling th e library. | |||
| 8225 | 5323 | |||||
| 8226 | Also, things li ke CRYPTO_ set_mem_fu nctions wi ll always give the | 5324 | Also, things li ke CRYPTO_ set_mem_fu nctions wi ll always give the | |||
| 8227 | expec ted result (the new set of fun ctions is used for a llocation | 5325 | expec ted result (the new set of fun ctions is used for a llocation | |||
| 8228 | and d eallocatio n) at all times, reg ardless of platform and compil er | 5326 | and d eallocatio n) at all times, reg ardless of platform and compil er | |||
| 8229 | optio ns. | 5327 | optio ns. | |||
| 8230 | 5328 | |||||
| 8231 | To fi nish it up , some fun ctions tha t were nev er use in any other | 5329 | To fi nish it up , some fun ctions tha t were nev er use in any other | |||
| 8232 | way t han throug h macros h ave a new API and ne w semantic : | 5330 | way t han throug h macros h ave a new API and ne w semantic : | |||
| 8233 | 5331 | |||||
| 8234 | CRY PTO_dbg_ma lloc() | 5332 | CRY PTO_dbg_ma lloc() | |||
| 8235 | CRY PTO_dbg_re alloc() | 5333 | CRY PTO_dbg_re alloc() | |||
| 8236 | CRY PTO_dbg_fr ee() | 5334 | CRY PTO_dbg_fr ee() | |||
| 8237 | 5335 | |||||
| 8238 | All m acros of v alue have retained t heir old s yntax. | 5336 | All m acros of v alue have retained t heir old s yntax. | |||
| 8239 | [Rich ard Levitt e and Bodo Moeller] | 5337 | [Rich ard Levitt e and Bodo Moeller] | |||
| 8240 | 5338 | |||||
| 8241 | *) Some S/MIME fix es. The OI D for SMIM ECapabilit ies was wr ong, the | 5339 | *) Some S/MIME fix es. The OI D for SMIM ECapabilit ies was wr ong, the | |||
| 8242 | order ing of SMI MECapabili ties wasn' t in "stre ngth order " and ther e | 5340 | order ing of SMI MECapabili ties wasn' t in "stre ngth order " and ther e | |||
| 8243 | was a missing N ULL in the Algorithm Identifier for the S HA1 signat ure | 5341 | was a missing N ULL in the Algorithm Identifier for the S HA1 signat ure | |||
| 8244 | algor ithm. | 5342 | algor ithm. | |||
| 8245 | [Stev e Henson] | 5343 | [Stev e Henson] | |||
| 8246 | 5344 | |||||
| 8247 | *) Some ASN1 types with ille gal zero l ength enco ding (INTE GER, | 5345 | *) Some ASN1 types with ille gal zero l ength enco ding (INTE GER, | |||
| 8248 | ENUME RATED and OBJECT IDE NTIFIER) c hoked the ASN1 routi nes. | 5346 | ENUME RATED and OBJECT IDE NTIFIER) c hoked the ASN1 routi nes. | |||
| 8249 | [Fran s Heymans <fheymans@ isaserver. be>, modif ied by Ste ve Henson] | 5347 | [Fran s Heymans <fheymans@ isaserver. be>, modif ied by Ste ve Henson] | |||
| 8250 | 5348 | |||||
| 8251 | *) Merge in my S/M IME librar y for Open SSL. This provides a simple | 5349 | *) Merge in my S/M IME librar y for Open SSL. This provides a simple | |||
| 8252 | S/MIM E API on t op of the PKCS#7 cod e, a MIME parser (wi th enough | 5350 | S/MIM E API on t op of the PKCS#7 cod e, a MIME parser (wi th enough | |||
| 8253 | funct ionality t o handle m ultipart/s igned prop erly) and a utility | 5351 | funct ionality t o handle m ultipart/s igned prop erly) and a utility | |||
| 8254 | calle d 'smime' to call al l this stu ff. This i s based on code I | 5352 | calle d 'smime' to call al l this stu ff. This i s based on code I | |||
| 8255 | origi nally wrot e for Celo who have kindly all owed it to be | 5353 | origi nally wrot e for Celo who have kindly all owed it to be | |||
| 8256 | inclu ded in Ope nSSL. | 5354 | inclu ded in Ope nSSL. | |||
| 8257 | [Stev e Henson] | 5355 | [Stev e Henson] | |||
| 8258 | 5356 | |||||
| 8259 | *) Add v ariants de s_set_key_ checked an d des_set_ key_unchec ked of | 5357 | *) Add v ariants de s_set_key_ checked an d des_set_ key_unchec ked of | |||
| 8260 | des_s et_key (ak a des_key_ sched). G lobal vari able des_c heck_key | 5358 | des_s et_key (ak a des_key_ sched). G lobal vari able des_c heck_key | |||
| 8261 | decid es which o f these is called by des_set_k ey; this w ay | 5359 | decid es which o f these is called by des_set_k ey; this w ay | |||
| 8262 | des_c heck_key b ehaves as it always did, but a pplication s and | 5360 | des_c heck_key b ehaves as it always did, but a pplication s and | |||
| 8263 | the l ibrary its elf, which was buggy for des_c heck_key = = 1, | 5361 | the l ibrary its elf, which was buggy for des_c heck_key = = 1, | |||
| 8264 | have a cleaner way to pic k the vers ion they n eed. | 5362 | have a cleaner way to pic k the vers ion they n eed. | |||
| 8265 | [Bodo Moeller] | 5363 | [Bodo Moeller] | |||
| 8266 | 5364 | |||||
| 8267 | *) New f unction PK CS12_newpa ss() which changes t he passwor d of a | 5365 | *) New f unction PK CS12_newpa ss() which changes t he passwor d of a | |||
| 8268 | PKCS1 2 structur e. | 5366 | PKCS1 2 structur e. | |||
| 8269 | [Stev e Henson] | 5367 | [Stev e Henson] | |||
| 8270 | 5368 | |||||
| 8271 | *) Modif y X509_TRU ST and X50 9_PURPOSE so it also uses a st atic and | 5369 | *) Modif y X509_TRU ST and X50 9_PURPOSE so it also uses a st atic and | |||
| 8272 | dynam ic mix. In both case s the ids can be use d as an in dex into t he | 5370 | dynam ic mix. In both case s the ids can be use d as an in dex into t he | |||
| 8273 | table . Also mod ified the X509_TRUST _add() and X509_PURP OSE_add() | 5371 | table . Also mod ified the X509_TRUST _add() and X509_PURP OSE_add() | |||
| 8274 | funct ions so th ey accept a list of the field values and the | 5372 | funct ions so th ey accept a list of the field values and the | |||
| 8275 | appli cation doe sn't need to directl y manipula te the X50 9_TRUST | 5373 | appli cation doe sn't need to directl y manipula te the X50 9_TRUST | |||
| 8276 | struc ture. | 5374 | struc ture. | |||
| 8277 | [Stev e Henson] | 5375 | [Stev e Henson] | |||
| 8278 | 5376 | |||||
| 8279 | *) Modif y the ASN1 _STRING_TA BLE stuff so it also uses bsea rch and do esn't | 5377 | *) Modif y the ASN1 _STRING_TA BLE stuff so it also uses bsea rch and do esn't | |||
| 8280 | need initialisi ng. | 5378 | need initialisi ng. | |||
| 8281 | [Stev e Henson] | 5379 | [Stev e Henson] | |||
| 8282 | 5380 | |||||
| 8283 | *) Modif y the way the V3 ext ension cod e looks up extension s. This no w | 5381 | *) Modif y the way the V3 ext ension cod e looks up extension s. This no w | |||
| 8284 | works in a simi lar way to the objec t code: we have some "standard " | 5382 | works in a simi lar way to the objec t code: we have some "standard " | |||
| 8285 | exten sions in a static ta ble which is searche d with OBJ _bsearch() | 5383 | exten sions in a static ta ble which is searche d with OBJ _bsearch() | |||
| 8286 | and t he applica tion can a dd dynamic ones if n eeded. The file | 5384 | and t he applica tion can a dd dynamic ones if n eeded. The file | |||
| 8287 | crypt o/x509v3/e xt_dat.h n ow has the info: thi s file nee ds to be | 5385 | crypt o/x509v3/e xt_dat.h n ow has the info: thi s file nee ds to be | |||
| 8288 | updat ed wheneve r a new ex tension is added to the core c ode and ke pt | 5386 | updat ed wheneve r a new ex tension is added to the core c ode and ke pt | |||
| 8289 | in ex t_nid orde r. There i s a simple program ' tabtest.c' which che cks | 5387 | in ex t_nid orde r. There i s a simple program ' tabtest.c' which che cks | |||
| 8290 | this. New exten sions are not added too often so this fi le can rea dily | 5388 | this. New exten sions are not added too often so this fi le can rea dily | |||
| 8291 | be ma intained m anually. | 5389 | be ma intained m anually. | |||
| 8292 | 5390 | |||||
| 8293 | There are two b ig advanta ges in doi ng things this way. The extens ions | 5391 | There are two b ig advanta ges in doi ng things this way. The extens ions | |||
| 8294 | can b e looked u p immediat ely and no longer ne ed to be " added" usi ng | 5392 | can b e looked u p immediat ely and no longer ne ed to be " added" usi ng | |||
| 8295 | X509V 3_add_stan dard_exten sions(): t his functi on now doe s nothing. | 5393 | X509V 3_add_stan dard_exten sions(): t his functi on now doe s nothing. | |||
| 8296 | [Side note: I g et *lots* of email s aying the extension code doesn 't | 5394 | [Side note: I g et *lots* of email s aying the extension code doesn 't | |||
| 8297 | work because p eople forg et to call this func tion] | 5395 | work because p eople forg et to call this func tion] | |||
| 8298 | Also no dynamic allocatio n is done unless new extension s are adde d: | 5396 | Also no dynamic allocatio n is done unless new extension s are adde d: | |||
| 8299 | so if we don't add custom extension s there is no need t o call | 5397 | so if we don't add custom extension s there is no need t o call | |||
| 8300 | X509V 3_EXT_clea nup(). | 5398 | X509V 3_EXT_clea nup(). | |||
| 8301 | [Stev e Henson] | 5399 | [Stev e Henson] | |||
| 8302 | 5400 | |||||
| 8303 | *) Modif y enc util ity's salt ing as fol lows: make salting t he default . Add a | 5401 | *) Modif y enc util ity's salt ing as fol lows: make salting t he default . Add a | |||
| 8304 | magic header, s o unsalted files fai l graceful ly instead of just d ecrypting | 5402 | magic header, s o unsalted files fai l graceful ly instead of just d ecrypting | |||
| 8305 | to ga rbage. Thi s is becau se not sal ting is a big securi ty hole, s o people | 5403 | to ga rbage. Thi s is becau se not sal ting is a big securi ty hole, s o people | |||
| 8306 | shoul d be disco uraged fro m doing it . | 5404 | shoul d be disco uraged fro m doing it . | |||
| 8307 | [Ben Laurie] | 5405 | [Ben Laurie] | |||
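
What the salted enc format looks like to a decryptor, as an added example (not OpenSSL's own code): it checks the magic header, refuses unsalted input instead of producing garbage, and derives key and IV from password plus salt the way EVP_BytesToKey does. The layout (a `Salted__` marker followed by an 8-byte salt, MD5 for one round as the derivation) is OpenSSL's enc convention as known from the tool, not something this entry spells out; `key_material_for` and the sample blob are constructed for the example.

```python
"""Salted 'enc' header parsing and EVP_BytesToKey-style key derivation.

Added example, not OpenSSL's own code. Assumed layout of an enc file:
  bytes 0..7   b"Salted__"  (magic header)
  bytes 8..15  salt (8 bytes)
  bytes 16..   ciphertext
Key/IV derivation follows EVP_BytesToKey with MD5 and count=1, the enc
default of this era. salt=None models the old unsalted behaviour (-nosalt).
"""
import hashlib
from typing import Optional, Tuple

MAGIC = b"Salted__"   # 8-byte marker written in front of the salt
SALT_LEN = 8          # enc uses an 8-byte salt


def parse_enc_header(blob: bytes) -> Tuple[bytes, bytes]:
    """Split an enc-style blob into (salt, ciphertext).

    Unsalted or truncated input is rejected with ValueError, so a caller
    fails early instead of feeding the cipher a key derived for a
    different salt and getting garbage plaintext back.
    """
    header_len = len(MAGIC) + SALT_LEN
    if len(blob) < header_len:
        raise ValueError("input shorter than the Salted__ header")
    if blob[:len(MAGIC)] != MAGIC:
        raise ValueError("no Salted__ magic: unsalted or non-enc input")
    return blob[len(MAGIC):header_len], blob[header_len:]


def bytes_to_key(password: bytes, salt: Optional[bytes], key_len: int,
                 iv_len: int, count: int = 1, md=hashlib.md5) -> Tuple[bytes, bytes]:
    """EVP_BytesToKey: D_1 = H^count(password || salt),
    D_i = H^count(D_{i-1} || password || salt); key || iv is the
    concatenation D_1 || D_2 || ... truncated to key_len + iv_len bytes.

    Without a salt the result is a pure function of the password, so the
    same password gives identical key material for every file; the salt is
    what makes each file's key material distinct.
    """
    if salt is not None and len(salt) != SALT_LEN:
        raise ValueError("salt must be %d bytes" % SALT_LEN)
    data = password + (salt or b"")
    out = b""
    prev = b""
    while len(out) < key_len + iv_len:
        prev = md(prev + data).digest()
        for _ in range(count - 1):      # extra rounds only when count > 1
            prev = md(prev).digest()
        out += prev
    return out[:key_len], out[key_len:key_len + iv_len]


def key_material_for(password: bytes, blob: bytes, key_len: int = 32,
                     iv_len: int = 16) -> Tuple[bytes, bytes, bytes]:
    """What a salted decryptor does before touching the cipher: validate the
    header, then derive (key, iv) from the password and the salt stored in
    the file. Returns (key, iv, ciphertext). Hypothetical helper name."""
    salt, ciphertext = parse_enc_header(blob)
    key, iv = bytes_to_key(password, salt, key_len, iv_len)
    return key, iv, ciphertext


if __name__ == "__main__":
    # Constructed sample: fixed salt and placeholder payload, no real encryption.
    sample = MAGIC + bytes(range(1, 9)) + b"<ciphertext bytes>"
    key, iv, ct = key_material_for(b"correct horse", sample)
    print("salted input accepted: key=%s iv=%s" % (key.hex(), iv.hex()))
    try:
        key_material_for(b"correct horse", b"<ciphertext bytes>")
    except ValueError as err:
        print("unsalted input rejected:", err)
```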
| 8308 | 5406 | |||||
| 8309 | *) Fixes and enhan cements to the 'x509 ' utility. It allowe d a messag e | 5407 | *) Fixes and enhan cements to the 'x509 ' utility. It allowe d a messag e | |||
| 8310 | diges t to be pa ssed on th e command line but i t only use d this | 5408 | diges t to be pa ssed on th e command line but i t only use d this | |||
| 8311 | param eter when signing a certificat e. Modifie d so all r elevant | 5409 | param eter when signing a certificat e. Modifie d so all r elevant | |||
| 8312 | opera tions are affected b y the dige st paramet er includi ng the | 5410 | opera tions are affected b y the dige st paramet er includi ng the | |||
| 8313 | -fing erprint an d -x509tor eq options . Also -x5 09toreq ch oked if a | 5411 | -fing erprint an d -x509tor eq options . Also -x5 09toreq ch oked if a | |||
| 8314 | DSA k ey was use d because it didn't fix the di gest. | 5412 | DSA k ey was use d because it didn't fix the di gest. | |||
| 8315 | [Stev e Henson] | 5413 | [Stev e Henson] | |||
| 8316 | 5414 | |||||
| 8317 | *) Initi al certifi cate chain verify co de. Curren tly tests the untrus ted | 5415 | *) Initi al certifi cate chain verify co de. Curren tly tests the untrus ted | |||
| 8318 | certi ficates fo r consiste ncy with t he verify purpose (w hich is se t | 5416 | certi ficates fo r consiste ncy with t he verify purpose (w hich is se t | |||
| 8319 | when the X509_S TORE_CTX s tructure i s set up) and checks the pathl ength. | 5417 | when the X509_S TORE_CTX s tructure i s set up) and checks the pathl ength. | |||
| 8320 | 5418 | |||||
| 8321 | There is a NO_C HAIN_VERIF Y compilat ion option to keep t he old beh aviour: | 5419 | There is a NO_C HAIN_VERIF Y compilat ion option to keep t he old beh aviour: | |||
| 8322 | this is because it will r eject chai ns with in valid exte nsions whe reas | 5420 | this is because it will r eject chai ns with in valid exte nsions whe reas | |||
| 8323 | every previous version of OpenSSL a nd SSLeay made no ch ecks at al l. | 5421 | every previous version of OpenSSL a nd SSLeay made no ch ecks at al l. | |||
| 8324 | 5422 | |||||
| 8325 | Trust code: che cks the ro ot CA for the releva nt trust s ettings. T rust | 5423 | Trust code: che cks the ro ot CA for the releva nt trust s ettings. T rust | |||
| 8326 | setti ngs have a n initial value cons istent wit h the veri fy purpose : e.g. | 5424 | setti ngs have a n initial value cons istent wit h the veri fy purpose : e.g. | |||
| 8327 | if th e verify p urpose is for SSL cl ient use i t expects the CA to be | 5425 | if th e verify p urpose is for SSL cl ient use i t expects the CA to be | |||
| 8328 | trust ed for SSL client us e. However the defau lt value c an be chan ged to | 5426 | trust ed for SSL client us e. However the defau lt value c an be chan ged to | |||
| 8329 | permi t custom t rust setti ngs: one e xample of this would be to onl y trust | 5427 | permi t custom t rust setti ngs: one e xample of this would be to onl y trust | |||
| 8330 | certi ficates fr om a speci fic "secur e" set of CAs. | 5428 | certi ficates fr om a speci fic "secur e" set of CAs. | |||
| 8331 | 5429 | |||||
| 8332 | Also added X509 _STORE_CTX _new() and X509_STOR E_CTX_free () functio ns | 5430 | Also added X509 _STORE_CTX _new() and X509_STOR E_CTX_free () functio ns | |||
| 8333 | which should be used for version po rtability: especiall y since th e | 5431 | which should be used for version po rtability: especiall y since th e | |||
| 8334 | verif y structur e is likel y to chang e more oft en now. | 5432 | verif y structur e is likel y to chang e more oft en now. | |||
| 8335 | 5433 | |||||
| 8336 | SSL i ntegration . Add purp ose and tr ust to SSL _CTX and S SL and fun ctions | 5434 | SSL i ntegration . Add purp ose and tr ust to SSL _CTX and S SL and fun ctions | |||
| 8337 | to se t them. If not set t hen assume SSL clien ts will ve rify SSL s ervers | 5435 | to se t them. If not set t hen assume SSL clien ts will ve rify SSL s ervers | |||
| 8338 | and v ice versa. | 5436 | and v ice versa. | |||
| 8339 | 5437 | |||||
| 8340 | Two n ew options to the ve rify progr am: -untru sted allow s a set of | 5438 | Two n ew options to the ve rify progr am: -untru sted allow s a set of | |||
| 8341 | untru sted certi ficates to be passed in and -p urpose whi ch sets th e | 5439 | untru sted certi ficates to be passed in and -p urpose whi ch sets th e | |||
| 8342 | inten ded purpos e of the c ertificate . If a pur pose is se t then the | 5440 | inten ded purpos e of the c ertificate . If a pur pose is se t then the | |||
| 8343 | new c hain verif y code is used to ch eck extens ion consis tency. | 5441 | new c hain verif y code is used to ch eck extens ion consis tency. | |||
| 8344 | [Stev e Henson] | 5442 | [Stev e Henson] | |||
| 8345 | 5443 | |||||
| 8346 | *) Suppo rt for the authority informati on access extension. | 5444 | *) Suppo rt for the authority informati on access extension. | |||
| 8347 | [Stev e Henson] | 5445 | [Stev e Henson] | |||
| 8348 | 5446 | |||||
| 8349 | *) Modif y RSA and DSA PEM re ad routine s to trans parently h andle | 5447 | *) Modif y RSA and DSA PEM re ad routine s to trans parently h andle | |||
| 8350 | PKCS# 8 format p rivate key s. New *_P UBKEY_* fu nctions th at handle | 5448 | PKCS# 8 format p rivate key s. New *_P UBKEY_* fu nctions th at handle | |||
| 8351 | publi c keys in a format c ompatible with certi ficate | 5449 | publi c keys in a format c ompatible with certi ficate | |||
| 8352 | Subje ctPublicKe yInfo stru ctures. Un fortunatel y there we re already | 5450 | Subje ctPublicKe yInfo stru ctures. Un fortunatel y there we re already | |||
| 8353 | funct ions calle d *_Public Key_* whic h used var ious odd f ormats so | 5451 | funct ions calle d *_Public Key_* whic h used var ious odd f ormats so | |||
| 8354 | these are retai ned for co mpatibilit y: however the DSA v ariants we re | 5452 | these are retai ned for co mpatibilit y: however the DSA v ariants we re | |||
| 8355 | never in a publ ic release so they h ave been d eleted. Ch anged dsa/ rsa | 5453 | never in a publ ic release so they h ave been d eleted. Ch anged dsa/ rsa | |||
| 8356 | utili ties to ha ndle the n ew format: note no r eleases ev er handled public | 5454 | utili ties to ha ndle the n ew format: note no r eleases ev er handled public | |||
| 8357 | keys so we shou ld be OK. | 5455 | keys so we shou ld be OK. | |||
| 8358 | 5456 | |||||
| 8359 | The p rimary mot ivation fo r this cha nge is to avoid the same fiasc o | 5457 | The p rimary mot ivation fo r this cha nge is to avoid the same fiasc o | |||
| 8360 | that dogs priva te keys: t here are s everal inc ompatible private ke y | 5458 | that dogs priva te keys: t here are s everal inc ompatible private ke y | |||
| 8361 | forma ts some of which are standard and some O penSSL spe cific and | 5459 | forma ts some of which are standard and some O penSSL spe cific and | |||
| 8362 | requi re various evil hack s to allow partial t ransparent handling and | 5460 | requi re various evil hack s to allow partial t ransparent handling and | |||
| 8363 | even then it do esn't work with DER formats. G iven the o ption anyt hing | 5461 | even then it do esn't work with DER formats. G iven the o ption anyt hing | |||
| 8364 | other than PKCS #8 should be dumped: but the o ther forma ts have to | 5462 | other than PKCS #8 should be dumped: but the o ther forma ts have to | |||
| 8365 | stay in the nam e of compa tibility. | 5463 | stay in the nam e of compa tibility. | |||
| 8366 | 5464 | |||||
| 8367 | With public key s and the benefit of hindsight one stand ard format | 5465 | With public key s and the benefit of hindsight one stand ard format | |||
| 8368 | is us ed which w orks with EVP_PKEY, RSA or DSA structure s: though | 5466 | is us ed which w orks with EVP_PKEY, RSA or DSA structure s: though | |||
| 8369 | it cl early retu rns an err or if you try to rea d the wron g kind of key. | 5467 | it cl early retu rns an err or if you try to rea d the wron g kind of key. | |||
| 8370 | 5468 | |||||
| 8371 | Added a -pubkey option to the 'x509 ' utility to output the public key. | 5469 | Added a -pubkey option to the 'x509 ' utility to output the public key. | |||
| 8372 | Also rename the EVP_PKEY_ get_*() to EVP_PKEY_ rget_*() | 5470 | Also rename the EVP_PKEY_ get_*() to EVP_PKEY_ rget_*() | |||
| 8373 | (rena med to EVP _PKEY_get1 _*() in th e OpenSSL 0.9.5 rele ase) and a dd | 5471 | (rena med to EVP _PKEY_get1 _*() in th e OpenSSL 0.9.5 rele ase) and a dd | |||
| 8374 | EVP_P KEY_rset_* () functio ns (rename d to EVP_P KEY_set1_* ()) | 5472 | EVP_P KEY_rset_* () functio ns (rename d to EVP_P KEY_set1_* ()) | |||
| 8375 | that do the sam e as the E VP_PKEY_as sign_*() e xcept they up the | 5473 | that do the sam e as the E VP_PKEY_as sign_*() e xcept they up the | |||
| 8376 | refer ence count of the ad ded key (t hey don't "swallow" the | 5474 | refer ence count of the ad ded key (t hey don't "swallow" the | |||
| 8377 | suppl ied key). | 5475 | suppl ied key). | |||
| 8378 | [Stev e Henson] | 5476 | [Stev e Henson] | |||
| 8379 | 5477 | |||||
| 8380 | *) Fixes to crypto /x509/by_f ile.c the code to re ad in cert ificates a nd | 5478 | *) Fixes to crypto /x509/by_f ile.c the code to re ad in cert ificates a nd | |||
| 8381 | CRLs would fail if the fi le contain ed no cert ificates o r no CRLs: | 5479 | CRLs would fail if the fi le contain ed no cert ificates o r no CRLs: | |||
| 8382 | added a new fun ction to r ead in bot h types an d return t he number | 5480 | added a new fun ction to r ead in bot h types an d return t he number | |||
| 8383 | read: this mean s that if none are r ead it wil l be an er ror. The | 5481 | read: this mean s that if none are r ead it wil l be an er ror. The | |||
| 8384 | DER v ersions of the certi ficate and CRL reade r would al ways fail | 5482 | DER v ersions of the certi ficate and CRL reade r would al ways fail | |||
| 8385 | becau se it isn' t possible to mix ce rtificates and CRLs in DER for mat | 5483 | becau se it isn' t possible to mix ce rtificates and CRLs in DER for mat | |||
| 8386 | witho ut choking one or th e other ro utine. Cha nged this to just re ad | 5484 | witho ut choking one or th e other ro utine. Cha nged this to just re ad | |||
     a certificate: this is the best we can do. Also modified the code
     in apps/verify.c to take notice of return codes: it was previously
     attempting to read in certificates from NULL pointers and ignoring
     any errors: this is one reason why the cert and CRL reader seemed
     to work. It doesn't check return codes from the default certificate
     routines: these may well fail if the certificates aren't installed.
     [Steve Henson]

  *) Code to support otherName option in GeneralName.
     [Steve Henson]

  *) First update to verify code. Change the verify utility
     so it warns if it is passed a self signed certificate:
     for consistency with the normal behaviour. X509_verify
     has been modified so it will now verify a self signed
     certificate if *exactly* the same certificate appears
     in the store: it was previously impossible to trust a
     single self signed certificate. This means that:
        openssl verify ss.pem
     now gives a warning about a self signed certificate but
        openssl verify -CAfile ss.pem ss.pem
     is OK.
     [Steve Henson]

  *) For servers, store verify_result in SSL_SESSION data structure
     (and add it to external session representation).
     This is needed when client certificate verification fails,
     but an application-provided verification callback (set by
     SSL_CTX_set_cert_verify_callback) allows accepting the session
     anyway (i.e. leaves x509_store_ctx->error != X509_V_OK
     but returns 1): When the session is reused, we have to set
     ssl->verify_result to the appropriate error code to avoid
     security holes.
     [Bodo Moeller, problem pointed out by Lutz Jaenicke]

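The entry above describes a classic session-resumption hole: if the cached session does not remember that the client certificate failed verification, a resumed connection looks fully verified. The following is an added example, not OpenSSL code; the Session and Connection classes are a deliberately small stand-in for SSL_SESSION and SSL, the error code ERR_CERT_UNTRUSTED is a constructed placeholder (not an OpenSSL X509_V_ERR_* value), and keep_verify_result switches between the old behaviour and the fixed one.

```python
"""Model of why a server-side session cache must carry verify_result.

Added example, not OpenSSL's ssl library. Session/Connection are stand-ins
for SSL_SESSION/SSL; the error code below is a constructed placeholder.
"""
from dataclasses import dataclass
from typing import Optional

X509_V_OK = 0
ERR_CERT_UNTRUSTED = 27   # constructed placeholder, not OpenSSL's X509_V_ERR_* value


@dataclass
class Session:
    """Stand-in for SSL_SESSION; verify_result is the field this entry adds."""
    session_id: bytes
    peer_cert: str
    verify_result: int = X509_V_OK


@dataclass
class Connection:
    """Stand-in for the server-side SSL object."""
    peer_cert: str
    verify_result: int = X509_V_OK
    session: Optional[Session] = None


def full_handshake(conn, chain_verifier, app_callback, cache, keep_verify_result):
    """Full handshake: verify the chain, ask the application, cache the session.

    chain_verifier(cert) returns X509_V_OK or an error code; app_callback(error)
    returns True to accept the connection anyway (a callback returning 1).
    keep_verify_result=True models the fixed behaviour (the error travels with
    the cached session); False models the old behaviour.
    """
    error = chain_verifier(conn.peer_cert)
    if not app_callback(error):
        return False
    conn.verify_result = error
    sess = Session(session_id=conn.peer_cert.encode(), peer_cert=conn.peer_cert)
    if keep_verify_result:
        sess.verify_result = error
    cache[sess.session_id] = sess
    conn.session = sess
    return True


def resume(session_id, cache):
    """Resume a cached session: no certificate verification is rerun, so the
    only source of truth for verify_result is the Session itself."""
    sess = cache[session_id]
    return Connection(peer_cert=sess.peer_cert,
                      verify_result=sess.verify_result, session=sess)


def resumed_verify_result(keep_verify_result):
    """What the application sees on a resumed session for an untrusted client."""
    cache = {}

    def verifier(cert):
        return ERR_CERT_UNTRUSTED if cert == "untrusted-client" else X509_V_OK

    def lenient_callback(error):
        return True   # accept regardless of the error, like returning 1

    conn = Connection(peer_cert="untrusted-client")
    assert full_handshake(conn, verifier, lenient_callback, cache, keep_verify_result)
    return resume(conn.session.session_id, cache).verify_result
```

With keep_verify_result=False the resumed connection reports X509_V_OK even though the full handshake only succeeded because a lenient callback overrode an error; with it set, the original error is restored and the application can apply the same policy decision again on resumption.
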
  *) Fix a bug in the new PKCS#7 code: it didn't consider the
     case in PKCS7_dataInit() where the signed PKCS7 structure
     didn't contain any existing data because it was being created.
     [Po-Cheng Chen <pocheng@nst.com.tw>, slightly modified by Steve Henson]

  *) Add a salt to the key derivation routines in enc.c. This
     forms the first 8 bytes of the encrypted file. Also add a
     -S option to allow a salt to be input on the command line.
     [Steve Henson]

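To show what the salt buys, here is an added example (not OpenSSL's enc.c) of the EVP_BytesToKey-style iterated-digest derivation that `openssl enc` uses: D_1 = H(password || salt), D_i = H(D_{i-1} || password || salt), concatenated until key and IV are filled. The password and salt values are constructed inputs; the digest defaults to MD5 because that is what the historical enc tool used.

```python
"""EVP_BytesToKey-style salted key derivation.

Added example, not OpenSSL's enc.c. Inputs used by the helper below are
constructed for illustration.
"""
import hashlib
import os


def bytes_to_key(password: bytes, salt: bytes, key_len: int, iv_len: int = 0,
                 md: str = "md5", count: int = 1):
    """Return (key, iv) derived from password and an 8-byte salt.

    An empty salt reproduces the unsalted derivation the entry replaces.
    """
    if salt and len(salt) != 8:
        raise ValueError("salt must be 8 bytes (or empty for the unsalted form)")
    derived = b""
    block = b""                       # D_0 is empty
    while len(derived) < key_len + iv_len:
        block = hashlib.new(md, block + password + salt).digest()
        for _ in range(count - 1):    # optional extra iterations (count > 1)
            block = hashlib.new(md, block).digest()
        derived += block
    return derived[:key_len], derived[key_len:key_len + iv_len]


def keys_differ_with_salt(password: bytes):
    """Same password twice: unsalted keys collide, fresh-salted keys do not.

    Returns (unsalted_keys_equal, salted_keys_differ).
    """
    k_plain_1, _ = bytes_to_key(password, b"", 16)
    k_plain_2, _ = bytes_to_key(password, b"", 16)
    k_salt_1, _ = bytes_to_key(password, os.urandom(8), 16)   # constructed salts
    k_salt_2, _ = bytes_to_key(password, os.urandom(8), 16)
    return k_plain_1 == k_plain_2, k_salt_1 != k_salt_2
```

Without a salt the key is a pure function of the password, so two files encrypted with the same passphrase share a key and a precomputed dictionary of password-to-key mappings works against all of them; with the salt stored in the first bytes of the file, the derivation is per-file and such tables have to be rebuilt for every salt.
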
  *) New function X509_cmp(). Oddly enough there wasn't a function
     to compare two certificates. We do this by working out the SHA1
     hash and comparing that. X509_cmp() will be needed by the trust
     code.
     [Steve Henson]

  *) SSL_get1_session() is like SSL_get_session(), but increments
     the reference count in the SSL_SESSION returned.
     [Geoff Thorpe <geoff@eu.c2.net>]

  *) Fix for 'req': it was adding a null to request attributes.
     Also change the X509_LOOKUP and X509_INFO code to handle
     certificate auxiliary information.
     [Steve Henson]

  *) Add support for 40 and 64 bit RC2 and RC4 algorithms: document
     the 'enc' command.
     [Steve Henson]

  *) Add the possibility to add extra information to the memory leak
     detecting output, to form tracebacks, showing from where each
     allocation was originated: CRYPTO_push_info("constant string") adds
     the string plus current file name and line number to a per-thread
     stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
     is like calling CRYPTO_pop_info() until the stack is empty.
     Also updated memory leak detection code to be multi-thread-safe.
     [Richard Levitte]

  *) Add options -text and -noout to pkcs7 utility and delete the
     encryption options which never did anything. Update docs.
     [Steve Henson]

  *) Add options to some of the utilities to allow the pass phrase
     to be included on either the command line (not recommended on
     OSes like Unix) or read from the environment. Update the
     manpages and fix a few bugs.
     [Steve Henson]

  *) Add a few manpages for some of the openssl commands.
     [Steve Henson]

  *) Fix the -revoke option in ca. It was freeing up memory twice,
     leaking and not finding already revoked certificates.
     [Steve Henson]

  *) Extensive changes to support certificate auxiliary information.
     This involves the use of X509_CERT_AUX structure and X509_AUX
     functions. An X509_AUX function such as PEM_read_X509_AUX()
     can still read in a certificate file in the usual way but it
     will also read in any additional "auxiliary information". By
     doing things this way a fair degree of compatibility can be
     retained: existing certificates can have this information added
     using the new 'x509' options.

     Current auxiliary information includes an "alias" and some trust
     settings. The trust settings will ultimately be used in enhanced
     certificate chain verification routines: currently a certificate
     can only be trusted if it is self signed and then it is trusted
     for all purposes.
     [Steve Henson]

  *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
     The problem was that one of the replacement routines had not been working
     since SSLeay releases. For now the offending routine has been replaced
     with non-optimised assembler. Even so, this now gives around 95%
     performance improvement for 1024 bit RSA signs.
     [Mark Cox]

  *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2
     handling. Most clients have the effective key size in bits equal to
     the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key.
     A few however don't do this and instead use the size of the decrypted key
     to determine the RC2 key length and the AlgorithmIdentifier to determine
     the effective key length. In this case the effective key length can still
     be 40 bits but the key length can be 168 bits for example. This is fixed
     by manually forcing an RC2 key into the EVP_PKEY structure because the
     EVP code can't currently handle unusual RC2 key sizes: it always assumes
     the key length and effective key length are equal.
     [Steve Henson]

  *) Add a bunch of functions that should simplify the creation of
     X509_NAME structures. Now you should be able to do:
        X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, "Steve", -1, -1, 0);
     and have it automatically work out the correct field type and fill in
     the structures. The more adventurous can try:
        X509_NAME_add_entry_by_txt(nm, field, MBSTRING_UTF8, str, -1, -1, 0);
     and it will (hopefully) work out the correct multibyte encoding.
     [Steve Henson]

  *) Change the 'req' utility to use the new field handling and multibyte
     copy routines. Before the DN field creation was handled in an ad hoc
     way in req, ca, and x509 which was rather broken and didn't support
     BMPStrings or UTF8Strings. Since some software doesn't implement
     BMPStrings or UTF8Strings yet, they can be enabled using the config file
     using the dirstring_type option. See the new comment in the default
     openssl.cnf for more info.
     [Steve Henson]

  *) Make crypto/rand/md_rand.c more robust:
     - Assure unique random numbers after fork().
     - Make sure that concurrent threads access the global counter and
       md serializably so that we never lose entropy in them
       or use exactly the same state in multiple threads.
       Access to the large state is not always serializable because
       the additional locking could be a performance killer, and
       md should be large enough anyway.
     [Bodo Moeller]

  *) New file apps/app_rand.c with commonly needed functionality
     for handling the random seed file.

     Use the random seed file in some applications that previously did not:
        ca,
        dsaparam -genkey (which also ignored its '-rand' option),
        s_client,
        s_server,
        x509 (when signing).
     Except on systems with /dev/urandom, it is crucial to have a random
     seed file at least for key creation, DSA signing, and for DH exchanges;
     for RSA signatures we could do without one.

     gendh and gendsa (unlike genrsa) used to read only the first byte
     of each file listed in the '-rand' option. The function as previously
     found in genrsa is now in app_rand.c and is used by all programs
     that support '-rand'.
     [Bodo Moeller]

  *) In RAND_write_file, use mode 0600 for creating files;
     don't just chmod when it may be too late.
     [Bodo Moeller]

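The RAND_write_file entry is the general lesson that permissions must be applied at creation, not afterwards. The following added example (not OpenSSL's RAND_write_file) contrasts the two patterns on a POSIX system and records the mode the file has in the window right after it is created; file names and the seed bytes are constructed, and the umask is pinned to 022 inside demo() only so that the observed modes are deterministic.

```python
"""Create a seed file with mode 0600 at creation instead of chmod'ing later.

Added example, not OpenSSL's RAND_write_file. File names and seed bytes
are constructed; demo() pins the umask to 022 for reproducible output.
"""
import os
import stat
import tempfile

SEED = bytes(range(32))   # constructed stand-in for PRNG seed material


def create_then_chmod(path: str, data: bytes):
    """Old pattern: create with the default mode (0666 & ~umask), then chmod.

    Returns (mode right after creation, final mode). Between the two calls
    the file is readable by others under a typical umask.
    """
    with open(path, "wb") as f:
        mode_at_creation = stat.S_IMODE(os.stat(path).st_mode)
        f.write(data)
    os.chmod(path, 0o600)          # too late: the file already existed wider
    return mode_at_creation, stat.S_IMODE(os.stat(path).st_mode)


def create_with_mode(path: str, data: bytes):
    """Fixed pattern: the mode is part of the creating open(2) call.

    O_EXCL additionally refuses to follow a pre-existing file or symlink at
    the path, so the seed cannot be written into a file someone else placed.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        mode_at_creation = stat.S_IMODE(os.fstat(fd).st_mode)
        os.write(fd, data)
    finally:
        os.close(fd)
    return mode_at_creation, stat.S_IMODE(os.stat(path).st_mode)


def demo():
    """Run both patterns in a scratch directory under umask 022."""
    old_umask = os.umask(0o022)
    try:
        with tempfile.TemporaryDirectory() as d:
            return {
                "chmod_later": create_then_chmod(os.path.join(d, "late.rnd"), SEED),
                "create_with_mode": create_with_mode(os.path.join(d, "secure.rnd"), SEED),
            }
    finally:
        os.umask(old_umask)
```

Both end with a 0600 file, but only create_with_mode() never exposes the seed: the chmod variant reports 0644 at creation under umask 022, which is exactly the window the entry calls "too late".
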
  *) Report an error from X509_STORE_load_locations
     when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.
     [Bill Perry]

  *) New function ASN1_mbstring_copy() this copies a string in either
     ASCII, Unicode, Universal (4 bytes per character) or UTF8 format
     into an ASN1_STRING type. A mask of permissible types is passed
     and it chooses the "minimal" type to use or an error if no type
     is suitable.
     [Steve Henson]

  *) Add function equivalents to the various macros in asn1.h. The old
     macros are retained with an M_ prefix. Code inside the library can
     use the M_ macros. External code (including the openssl utility)
     should *NOT* in order to be "shared library friendly".
     [Steve Henson]

  *) Add various functions that can check a certificate's extensions
     to see if it is usable for various purposes such as SSL client,
     server or S/MIME and CAs of these types. This is currently
     VERY EXPERIMENTAL but will ultimately be used for certificate chain
     verification. Also added a -purpose flag to x509 utility to
     print out all the purposes.
     [Steve Henson]

  *) Add a CRYPTO_EX_DATA to X509 certificate structure and associated
     functions.
     [Steve Henson]

  *) New X509V3_{X509,CRL,REVOKED}_get_d2i() functions. These will search
     for, obtain and decode an extension and obtain its critical flag.
     This allows all the necessary extension code to be handled in a
     single function call.
     [Steve Henson]

  *) RC4 tune-up featuring 30-40% performance improvement on most RISC
     platforms. See crypto/rc4/rc4_enc.c for further details.
     [Andy Polyakov]

  *) New -noout option to asn1parse. This causes no output to be produced;
     its main use is when combined with -strparse and -out to extract data
     from a file (which may not be in ASN.1 format).
     [Steve Henson]

  *) Fix for pkcs12 program. It was hashing an invalid certificate pointer
     when producing the local key id.
     [Richard Levitte <levitte@stacken.kth.se>]

  *) New option -dhparam in s_server. This allows a DH parameter file to be
     stated explicitly. If it is not stated then it tries the first server
     certificate file. The previous behaviour hard coded the filename
     "server.pem".
     [Steve Henson]

  *) Add -pubin and -pubout options to the rsa and dsa commands. These allow
     a public key to be input or output. For example:
        openssl rsa -in key.pem -pubout -out pubkey.pem
     Also added necessary DSA public key functions to handle this.
     [Steve Henson]

  *) Fix so PKCS7_dataVerify() doesn't crash if no certificates are contained
     in the message. This was handled by allowing
     X509_find_by_issuer_and_serial() to tolerate a NULL passed to it.
     [Steve Henson, reported by Sampo Kellomaki <sampo@mail.neuronio.pt>]

  *) Fix for bug in d2i_ASN1_bytes(): other ASN1 functions add an extra null
     to the end of the strings whereas this didn't. This would cause problems
     if strings read with d2i_ASN1_bytes() were later modified.
     [Steve Henson, reported by Arne Ansper <arne@ats.cyber.ee>]

  *) Fix for base64 decode bug. When a base64 bio reads only one line of
     data and it contains EOF it will end up returning an error. This is
     caused by input 46 bytes long. The cause is due to the way base64
     BIOs find the start of base64 encoded data. They do this by trying a
     trial decode on each line until they find one that works. When they
     do a flag is set and it starts again knowing it can pass all the
     data directly through the decoder. Unfortunately it doesn't reset
     the context it uses. This means that if EOF is reached an attempt
     is made to pass two EOFs through the context and this causes the
     resulting error. This can also cause other problems as well. As is
     usual with these problems it takes *ages* to find and the fix is
     trivial: move one line.
     [Steve Henson, reported by ian@uns.ns.ac.yu (Ivan Nejgebauer) ]

  *) Ugly workaround to get s_client and s_server working under Windows. The
     old code wouldn't work because it needed to select() on sockets and the
     tty (for keypresses and to see if data could be written). Win32 only
     supports select() on sockets so we select() with a 1s timeout on the
     sockets and then see if any characters are waiting to be read, if none
     are present then we retry, we also assume we can always write data to
     the tty. This isn't nice because the code then blocks until we've
     received a complete line of data and it is effectively polling the
     keyboard at 1s intervals: however it's quite a bit better than not
     working at all :-) A dedicated Windows application might handle this
     with an event loop for example.
     [Steve Henson]

  *) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
     and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
     will be called when RSA_sign() and RSA_verify() are used. This is useful
     if rsa_pub_dec() and rsa_priv_enc() equivalents are not available.
     For this to work properly RSA_public_decrypt() and RSA_private_encrypt()
     should *not* be used: RSA_sign() and RSA_verify() must be used instead.
     This necessitated the support of an extra signature type NID_md5_sha1
     for SSL signatures and modifications to the SSL library to use it instead
     of calling RSA_public_decrypt() and RSA_private_encrypt().
     [Steve Henson]

  *) Add new -verify -CAfile and -CApath options to the crl program, these
     will lookup a CRL issuer's certificate and verify the signature in a
     similar way to the verify program. Tidy up the crl program so it
     no longer accesses structures directly. Make the ASN1 CRL parsing a bit
     less strict. It will now permit CRL extensions even if it is not
     a V2 CRL: this will allow it to tolerate some broken CRLs.
     [Steve Henson]

  *) Initialize all non-automatic variables each time one of the openssl
     sub-programs is started (this is necessary as they may be started
     multiple times from the "OpenSSL>" prompt).
     [Lennart Bang, Bodo Moeller]

  *) Preliminary compilation option RSA_NULL which disables RSA crypto without
     removing all other RSA functionality (this is what NO_RSA does). This
     is so (for example) those in the US can disable those operations covered
     by the RSA patent while allowing storage and parsing of RSA keys and RSA
     key generation.
| 8689 | [Stev e Henson] | 5787 | [Stev e Henson] | |||
| 8690 | 5788 | |||||
| 8691 | *) Non-c opying int erface to BIO pairs. | 5789 | *) Non-c opying int erface to BIO pairs. | |||
| 8692 | (stil l largely untested) | 5790 | (stil l largely untested) | |||
| 8693 | [Bodo Moeller] | 5791 | [Bodo Moeller] | |||
| 8694 | 5792 | |||||
| 8695 | *) New f unction AN S1_tag2str () to conv ert an ASN 1 tag to a descripti ve | 5793 | *) New f unction AN S1_tag2str () to conv ert an ASN 1 tag to a descripti ve | |||
| 8696 | ASCII string. T his was ha ndled inde pendently in various places be fore. | 5794 | ASCII string. T his was ha ndled inde pendently in various places be fore. | |||
| 8697 | [Stev e Henson] | 5795 | [Stev e Henson] | |||
| 8698 | 5796 | |||||
| 8699 | *) New f unctions U TF8_getc() and UTF8_ putc() tha t parse an d generate | 5797 | *) New f unctions U TF8_getc() and UTF8_ putc() tha t parse an d generate | |||
| 8700 | UTF8 strings a character at a time. | 5798 | UTF8 strings a character at a time. | |||
| 8701 | [Stev e Henson] | 5799 | [Stev e Henson] | |||
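
     A self-contained decoder and encoder in the spirit of UTF8_getc()/UTF8_putc(),
     added here as an example (this is not OpenSSL's code): it consumes one
     character per call and rejects what a parser of untrusted input must not
     accept, in particular overlong forms and surrogates. The names
     demo_utf8_getc/demo_utf8_putc and the -1/-2/-3 error codes are this
     example's own.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not OpenSSL's UTF8_getc()/UTF8_putc(). Return values:
 *   > 0  bytes consumed (getc) or produced (putc)
 *   -1   truncated input, stray continuation byte, or buffer too small
 *   -2   overlong encoding (e.g. C0 80 for NUL), which must be rejected
 *   -3   code point not encodable in UTF-8 (surrogates, above U+10FFFF) */

/* Decode one UTF-8 character from s[0..len) into *val. */
int demo_utf8_getc(const unsigned char *s, size_t len, unsigned long *val)
{
    unsigned long c;
    size_t need, i;                      /* continuation bytes expected */

    if (len == 0)
        return -1;
    c = s[0];
    if (c < 0x80) {                      /* 0xxxxxxx: ASCII */
        need = 0;
    } else if ((c & 0xE0) == 0xC0) {     /* 110xxxxx + 1 continuation */
        c &= 0x1F; need = 1;
    } else if ((c & 0xF0) == 0xE0) {     /* 1110xxxx + 2 continuations */
        c &= 0x0F; need = 2;
    } else if ((c & 0xF8) == 0xF0) {     /* 11110xxx + 3 continuations */
        c &= 0x07; need = 3;
    } else {                             /* 10xxxxxx or F8..FF: never a lead byte */
        return -1;
    }
    if (len < need + 1)
        return -1;                       /* truncated sequence */
    for (i = 1; i <= need; i++) {
        if ((s[i] & 0xC0) != 0x80)
            return -1;                   /* expected 10xxxxxx */
        c = (c << 6) | (s[i] & 0x3F);
    }
    /* A value that fits in fewer bytes than were used is an overlong form. */
    if ((need == 1 && c < 0x80) || (need == 2 && c < 0x800) ||
        (need == 3 && c < 0x10000))
        return -2;
    if ((c >= 0xD800 && c <= 0xDFFF) || c > 0x10FFFF)
        return -3;
    *val = c;
    return (int)(need + 1);
}

/* Encode one code point; with buf == NULL only the needed length is returned. */
int demo_utf8_putc(unsigned char *buf, size_t buflen, unsigned long c)
{
    int n;

    if ((c >= 0xD800 && c <= 0xDFFF) || c > 0x10FFFF)
        return -3;
    n = c < 0x80 ? 1 : c < 0x800 ? 2 : c < 0x10000 ? 3 : 4;
    if (buf == NULL)
        return n;
    if (buflen < (size_t)n)
        return -1;
    switch (n) {
    case 1:
        buf[0] = (unsigned char)c;
        break;
    case 2:
        buf[0] = (unsigned char)(0xC0 | (c >> 6));
        buf[1] = (unsigned char)(0x80 | (c & 0x3F));
        break;
    case 3:
        buf[0] = (unsigned char)(0xE0 | (c >> 12));
        buf[1] = (unsigned char)(0x80 | ((c >> 6) & 0x3F));
        buf[2] = (unsigned char)(0x80 | (c & 0x3F));
        break;
    default:
        buf[0] = (unsigned char)(0xF0 | (c >> 18));
        buf[1] = (unsigned char)(0x80 | ((c >> 12) & 0x3F));
        buf[2] = (unsigned char)(0x80 | ((c >> 6) & 0x3F));
        buf[3] = (unsigned char)(0x80 | (c & 0x3F));
        break;
    }
    return n;
}

/* Walk a constructed byte string one character at a time, as a caller of
 * UTF8_getc() would, stopping at the first malformed sequence. */
int main(void)
{
    /* Constructed input: "A", U+00E9, U+20AC, U+1F512, then an overlong NUL. */
    static const unsigned char in[] =
        "A\xC3\xA9\xE2\x82\xAC\xF0\x9F\x94\x92\xC0\x80";
    size_t pos = 0, len = sizeof(in) - 1;
    unsigned long cp;
    int n;

    while (pos < len) {
        n = demo_utf8_getc(in + pos, len - pos, &cp);
        if (n < 0) {
            printf("offset %zu: rejected (code %d)\n", pos, n);
            break;
        }
        printf("offset %zu: U+%04lX (%d bytes)\n", pos, cp, n);
        pos += (size_t)n;
    }
    return 0;
}
```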

  *) Use client_version from client hello to select the protocol
     (s23_srvr.c) and for RSA client key exchange verification
     (s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications.
     [Bodo Moeller]

  *) Add various utility functions to handle SPKACs, these were previously
     handled by poking round in the structure internals. Added new function
     NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
     print, verify and generate SPKACs. Based on an original idea from
     Massimiliano Pala <madwolf@comune.modena.it> but extensively modified.
     [Steve Henson]

  *) RIPEMD160 is operational on all platforms and is back in 'make test'.
     [Andy Polyakov]

  *) Allow the config file extension section to be overwritten on the
     command line. Based on an original idea from Massimiliano Pala
     <madwolf@comune.modena.it>. The new option is called -extensions
     and can be applied to ca, req and x509. Also -reqexts to override
     the request extensions in req and -crlexts to override the crl extensions
     in ca.
     [Steve Henson]

  *) Add new feature to the SPKAC handling in ca. Now you can include
     the same field multiple times by preceding it by "XXXX." for example:
     1.OU="Unit name 1"
     2.OU="Unit name 2"
     this is the same syntax as used in the req config file.
     [Steve Henson]

  *) Allow certificate extensions to be added to certificate requests. These
     are specified in a 'req_extensions' option of the req section of the
     config file. They can be printed out with the -text option to req but
     are otherwise ignored at present.
     [Steve Henson]

  *) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first
     data read consists of only the final block it would not be decrypted because
     EVP_CipherUpdate() would correctly report zero bytes had been decrypted.
     A misplaced 'break' also meant the decrypted final block might not be
     copied until the next read.
     [Steve Henson]

  *) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added
     a few extra parameters to the DH structure: these will be useful if
     for example we want the value of 'q' or implement X9.42 DH.
     [Steve Henson]

  *) Initial support for DSA_METHOD. This is based on the RSA_METHOD and
     provides hooks that allow the default DSA functions or functions on a
     "per key" basis to be replaced. This allows hardware acceleration and
     hardware key storage to be handled without major modification to the
     library. Also added low level modexp hooks and CRYPTO_EX structure and
     associated functions.
     [Steve Henson]

  *) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
     as "read only": it can't be written to and the buffer it points to will
     not be freed. Reading from a read only BIO is much more efficient than
     a normal memory BIO. This was added because there are several times when
     an area of memory needs to be read from a BIO. The previous method was
     to create a memory BIO and write the data to it, this results in two
     copies of the data and an O(n^2) reading algorithm. There is a new
     function BIO_new_mem_buf() which creates a read only memory BIO from
     an area of memory. Also modified the PKCS#7 routines to use read only
     memory BIOs.
     [Steve Henson]

  *) Bugfix: ssl23_get_client_hello did not work properly when called in
     state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
     a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
     but a retry condition occurred while trying to read the rest.
     [Bodo Moeller]

  *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
     NID_pkcs7_encrypted by default: this was wrong since this should almost
     always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
     the encrypted data type: this is a more sensible place to put it and it
     allows the PKCS#12 code to be tidied up that duplicated this
     functionality.
     [Steve Henson]

  *) Changed obj_dat.pl script so it takes its input and output files on
     the command line. This should avoid shell escape redirection problems
     under Win32.
     [Steve Henson]

  *) Initial support for certificate extension requests, these are included
     in things like Xenroll certificate requests. Included functions to allow
     extensions to be obtained and added.
     [Steve Henson]

  *) -crlf option to s_client and s_server for sending newlines as
     CRLF (as required by many protocols).
     [Bodo Moeller]

 Changes between 0.9.3a and 0.9.4  [09 Aug 1999]

  *) Install libRSAglue.a when OpenSSL is built with RSAref.
     [Ralf S. Engelschall]

  *) A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
     [Andrija Antonijevic <TheAntony2@bigfoot.com>]

  *) Fix -startdate and -enddate (which was missing) arguments to 'ca'
     program.
     [Steve Henson]

  *) New function DSA_dup_DH, which duplicates DSA parameters/keys as
     DH parameters/keys (q is lost during that conversion, but the resulting
     DH parameters contain its length).

     For 1024-bit p, DSA_generate_parameters followed by DSA_dup_DH is
     much faster than DH_generate_parameters (which creates parameters
     where p = 2*q + 1), and also the smaller q makes DH computations
     much more efficient (160-bit exponentiation instead of 1024-bit
     exponentiation); so this provides a convenient way to support DHE
     ciphersuites in SSL/TLS servers (see ssl/ssltest.c).  It is of
     utter importance to use
          SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
     or
          SSL_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
     when such DH parameters are used, because otherwise small subgroup
     attacks may become possible!
     [Bodo Moeller]
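
     Why the single-use rule matters with DSA-style parameters, as an added
     example that is not OpenSSL code: with p = 2*q + 1 the only subgroups
     have order 1, 2 and q, but DSA parameters leave (p-1)/q with small
     factors, so a peer can send a public value of small order and the shared
     secret then depends on only a few bits of a reused private key. The
     defender's check is the one below: 2 <= y <= p-2 and y^q mod p == 1. The
     toy parameters (p = 67, q = 11) are constructed and the function names
     are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Modular exponentiation for toy moduli below 2^32 (so b*b fits in 64 bits). */
uint64_t modpow(uint64_t b, uint64_t e, uint64_t m)
{
    uint64_t r = 1;

    b %= m;
    while (e > 0) {
        if (e & 1)
            r = (r * b) % m;
        b = (b * b) % m;
        e >>= 1;
    }
    return r;
}

/* Multiplicative order of y mod p by brute force; toy sizes only. */
uint64_t element_order(uint64_t y, uint64_t p)
{
    uint64_t k = 1, acc = y % p;

    while (acc != 1) {
        acc = (acc * y) % p;
        k++;
    }
    return k;
}

/* Accept a peer's DH public value only if it lies in the order-q subgroup
 * generated by g: 2 <= y <= p-2 and y^q == 1 (mod p). Returns 1 if OK.
 * Added example; later OpenSSL versions provide DH_check_pub_key() for this. */
int dh_pub_key_ok(uint64_t y, uint64_t p, uint64_t q)
{
    if (y < 2 || y > p - 2)
        return 0;                    /* 0, 1 and p-1 have order 1 or 2 */
    return modpow(y, q, p) == 1;     /* rejects every element outside <g> */
}

int main(void)
{
    /* Constructed toy DSA-style parameters: p = 67 = 2 * 3 * 11 + 1, q = 11,
     * g = 2^((p-1)/q) mod p generates the order-11 subgroup. (p-1)/q = 6 still
     * has the small factors 2 and 3, which p = 2q + 1 parameters would not. */
    const uint64_t p = 67, q = 11;
    const uint64_t g = modpow(2, (p - 1) / q, p);
    const uint64_t x = 5;                              /* server's reused private key */
    const uint64_t honest = modpow(g, 7, p);           /* honest peer's value g^7 */
    const uint64_t bogus = modpow(2, (p - 1) / 3, p);  /* an element of order 3 */

    printf("g = %llu, order %llu\n",
           (unsigned long long)g, (unsigned long long)element_order(g, p));
    printf("honest y = %llu: %s\n", (unsigned long long)honest,
           dh_pub_key_ok(honest, p, q) ? "accepted" : "rejected");
    printf("bogus  y = %llu (order %llu): %s\n", (unsigned long long)bogus,
           (unsigned long long)element_order(bogus, p),
           dh_pub_key_ok(bogus, p, q) ? "accepted" : "rejected");
    /* Without the check, bogus^x can take only 3 values, so the shared secret
     * reveals x mod 3; SSL_OP_SINGLE_DH_USE limits the exposure to one key. */
    printf("shared secret with bogus value: %llu\n",
           (unsigned long long)modpow(bogus, x, p));
    return 0;
}
```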

  *) Avoid memory leak in i2d_DHparams.
     [Bodo Moeller]

  *) Allow the -k option to be used more than once in the enc program:
     this allows the same encrypted message to be read by multiple recipients.
     [Steve Henson]

  *) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
     an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
     it will always use the numerical form of the OID, even if it has a short
     or long name.
     [Steve Henson]
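
     The "numerical form" that OBJ_obj2txt() produces with no_name set is the
     dotted-decimal OID, a base-128 decoding of the DER content octets. Below is
     an added example of that decoding (not OpenSSL's implementation; the name
     oid_to_numeric is this example's own) with the checks a parser of untrusted
     DER needs: a continuation bit set on the last byte, non-minimal encodings,
     arc overflow and a too-small output buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Convert the content octets of a DER OBJECT IDENTIFIER to dotted-decimal
 * text. Added example, not OpenSSL's OBJ_obj2txt(). Returns the number of
 * characters written (excluding the NUL) or -1 on malformed input or an
 * output buffer that is too small. */
int oid_to_numeric(const unsigned char *der, size_t len, char *buf, size_t buflen)
{
    size_t i = 0, pos = 0;
    int first = 1;

    if (len == 0 || buflen == 0)
        return -1;
    while (i < len) {
        uint64_t v = 0;
        int n;

        /* DER requires minimal base-128: a subidentifier may not start with 0x80. */
        if (der[i] == 0x80)
            return -1;
        for (;;) {
            if (i >= len)
                return -1;               /* continuation bit set on the last byte */
            if (v > (UINT64_MAX >> 7))
                return -1;               /* arc would overflow 64 bits */
            v = (v << 7) | (der[i] & 0x7F);
            if ((der[i++] & 0x80) == 0)
                break;
        }
        if (first) {
            /* The first subidentifier packs two arcs as 40 * arc0 + arc1,
             * where arc0 is 0 or 1 (then arc1 < 40) or 2 (arc1 unbounded). */
            uint64_t arc0 = v < 40 ? 0 : v < 80 ? 1 : 2;

            n = snprintf(buf + pos, buflen - pos, "%llu.%llu",
                         (unsigned long long)arc0,
                         (unsigned long long)(v - arc0 * 40));
            first = 0;
        } else {
            n = snprintf(buf + pos, buflen - pos, ".%llu", (unsigned long long)v);
        }
        if (n < 0 || (size_t)n >= buflen - pos)
            return -1;                   /* output truncated: fail rather than return a partial OID */
        pos += (size_t)n;
    }
    return (int)pos;
}

int main(void)
{
    /* Constructed DER content octets of sha256WithRSAEncryption (1.2.840.113549.1.1.11)
     * and a malformed value whose last byte still has the continuation bit set. */
    static const unsigned char sha256_rsa[] = {
        0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B
    };
    static const unsigned char truncated[] = { 0x2B, 0x86 };
    char text[64];
    int n;

    n = oid_to_numeric(sha256_rsa, sizeof sha256_rsa, text, sizeof text);
    printf("%d: %s\n", n, n < 0 ? "(malformed)" : text);
    n = oid_to_numeric(truncated, sizeof truncated, text, sizeof text);
    printf("%d: %s\n", n, n < 0 ? "(malformed)" : text);
    return 0;
}
```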

  *) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp
     method only got called if p,q,dmp1,dmq1,iqmp components were present,
     otherwise bn_mod_exp was called. In the case of hardware keys for example
     no private key components need be present and it might store extra data
     in the RSA structure, which cannot be accessed from bn_mod_exp.
     By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for
     private key operations.
     [Steve Henson]

  *) Added support for SPARC Linux.
     [Andy Polyakov]

  *) pem_password_cb function type incompatibly changed from
          typedef int pem_password_cb(char *buf, int size, int rwflag);
     to
          ....(char *buf, int size, int rwflag, void *userdata);
     so that applications can pass data to their callbacks:
     The PEM[_ASN1]_{read,write}... functions and macros now take an
     additional void * argument, which is just handed through whenever
     the password callback is called.
     [Damien Miller <dmiller@ilogic.com.au>; tiny changes by Bodo Moeller]

     New function SSL_CTX_set_default_passwd_cb_userdata.

     Compatibility note: As many C implementations push function arguments
     onto the stack in reverse order, the new library version is likely to
     interoperate with programs that have been compiled with the old
     pem_password_cb definition (PEM_whatever takes some data that
     happens to be on the stack as its last argument, and the callback
     just ignores this garbage); but there is no guarantee whatsoever that
     this will work.

  *) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=...
     (both in crypto/Makefile.ssl for use by crypto/cversion.c) caused
     problems not only on Windows, but also on some Unix platforms.
     To avoid problematic command lines, these definitions are now in an
     auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl
     for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds).
     [Bodo Moeller]

  *) MIPS III/IV assembler module is reimplemented.
     [Andy Polyakov]

  *) More DES library cleanups: remove references to srand/rand and
     delete an unused file.
     [Ulf Möller]

  *) Add support for the free Netwide assembler (NASM) under Win32,
     since not many people have MASM (ml) and it can be hard to obtain.
     This is currently experimental but it seems to work OK and pass all
     the tests. Check out INSTALL.W32 for info.
     [Steve Henson]

  *) Fix memory leaks in s3_clnt.c: All non-anonymous SSL3/TLS1 connections
     without temporary keys kept an extra copy of the server key,
     and connections with temporary keys did not free everything in case
     of an error.
     [Bodo Moeller]

  *) New function RSA_check_key and new openssl rsa option -check
     for verifying the consistency of RSA keys.
     [Ulf Moeller, Bodo Moeller]

  *) Various changes to make Win32 compile work:
     1. Casts to avoid "loss of data" warnings in p5_crpt2.c
     2. Change unsigned int to int in b_dump.c to avoid "signed/unsigned
        comparison" warnings.
     3. Add sk_<TYPE>_sort to DEF file generator and do make update.
     [Steve Henson]

  *) Add a debugging option to PKCS#5 v2 key generation function: when
     you #define DEBUG_PKCS5V2 passwords, salts, iteration counts and
     derived keys are printed to stderr.
     [Steve Henson]

  *) Copy the flags in ASN1_STRING_dup().
     [Roman E. Pavlov <pre@mo.msk.ru>]

  *) The x509 application mishandled signing requests containing DSA
     keys when the signing key was also DSA and the parameters didn't match.

     It was supposed to omit the parameters when they matched the signing key:
     the verifying software was then supposed to automatically use the CA's
     parameters if they were absent from the end user certificate.

     Omitting parameters is no longer recommended. The test was also
     the wrong way round! This was probably due to unusual behaviour in
     EVP_cmp_parameters() which returns 1 if the parameters match.
     This meant that parameters were omitted when they *didn't* match and
     the certificate was useless. Certificates signed with 'ca' didn't have
     this bug.
     [Steve Henson, reported by Doug Erickson <Doug.Erickson@Part.NET>]

  *) Memory leak checking (-DCRYPTO_MDEBUG) had some problems.
     The interface is as follows:
     Applications can use
         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) aka MemCheck_start(),
         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) aka MemCheck_stop();
     "off" is now the default.
     The library internally uses
         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) aka MemCheck_off(),
         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE) aka MemCheck_on()
     to disable memory-checking temporarily.

     Some inconsistent states that previously were possible (and were
     even the default) are now avoided.

     -DCRYPTO_MDEBUG_TIME is new and additionally stores the current time
     with each memory chunk allocated; this is occasionally more helpful
     than just having a counter.

     -DCRYPTO_MDEBUG_THREAD is also new and adds the thread ID.

     -DCRYPTO_MDEBUG_ALL enables all of the above, plus any future
     extensions.
     [Bodo Moeller]

  *) Introduce "mode" for SSL structures (with defaults in SSL_CTX),
     which largely parallels "options", but is for changing API behaviour,
     whereas "options" are about protocol behaviour.
     Initial "mode" flags are:

     SSL_MODE_ENABLE_PARTIAL_WRITE   Allow SSL_write to report success when
                                     a single record has been written.
     SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER   Don't insist that SSL_write
                                     retries use the same buffer location.
                                     (But all of the contents must be
                                     copied!)
     [Bodo Moeller]

  *) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options
     worked.

  *) Fix problems with no-hmac etc.
     [Ulf Möller, pointed out by Brian Wellington <bwelling@tislabs.com>]

  *) New functions RSA_get_default_method(), RSA_set_method() and
     RSA_get_method(). These allow replacement of RSA_METHODs without having
| 8980 | to me ss around with the i nternals o f an RSA s tructure. | 6078 | to me ss around with the i nternals o f an RSA s tructure. | |||
| 8981 | [Stev e Henson] | 6079 | [Stev e Henson] | |||
| 8982 | 6080 | |||||
| 8983 | *) Fix m emory leak s in DSA_d o_sign and DSA_is_pr ime. | 6081 | *) Fix m emory leak s in DSA_d o_sign and DSA_is_pr ime. | |||
| 8984 | Also really ena ble memory leak chec ks in open ssl.c and in some | 6082 | Also really ena ble memory leak chec ks in open ssl.c and in some | |||
| 8985 | test programs. | 6083 | test programs. | |||
| 8986 | [Chad C. Mullig an, Bodo M oeller] | 6084 | [Chad C. Mullig an, Bodo M oeller] | |||
| 8987 | 6085 | |||||
| 8988 | *) Fix a bug in d2 i_ASN1_INT EGER() and i2d_ASN1_ INTEGER() which can mess | 6086 | *) Fix a bug in d2 i_ASN1_INT EGER() and i2d_ASN1_ INTEGER() which can mess | |||
| 8989 | up th e length o f negative integers. This has now been s implified to just | 6087 | up th e length o f negative integers. This has now been s implified to just | |||
| 8990 | store the lengt h when it is first d etermined and use it later, ra ther | 6088 | store the lengt h when it is first d etermined and use it later, ra ther | |||
| 8991 | than trying to keep track of where data is co pied and u pdating it to | 6089 | than trying to keep track of where data is co pied and u pdating it to | |||
| 8992 | point to the en d. | 6090 | point to the en d. | |||
| 8993 | [Stev e Henson, reported b y Brien Wh eeler | 6091 | [Stev e Henson, reported b y Brien Wh eeler | |||
| 8994 | <bwh eeler@auth entica-sec urity.com> ] | 6092 | <bwh eeler@auth entica-sec urity.com> ] | |||
| 8995 | 6093 | |||||
| 8996 | *) Add a new funct ion PKCS7_ signatureV erify. Thi s allows t he verific ation | 6094 | *) Add a new funct ion PKCS7_ signatureV erify. Thi s allows t he verific ation | |||
| 8997 | of a PKCS#7 sig nature but with the signing ce rtificate passed to the | 6095 | of a PKCS#7 sig nature but with the signing ce rtificate passed to the | |||
| 8998 | funct ion itself . This con trasts wit h PKCS7_da taVerify w hich assum es the | 6096 | funct ion itself . This con trasts wit h PKCS7_da taVerify w hich assum es the | |||
| 8999 | certi ficate is present in the PKCS# 7 structur e. This is n't always the | 6097 | certi ficate is present in the PKCS# 7 structur e. This is n't always the | |||
| 9000 | case: certifica tes can be omitted f rom a PKCS #7 structu re and be | 6098 | case: certifica tes can be omitted f rom a PKCS #7 structu re and be | |||
| 9001 | distr ibuted by "out of ba nd" means (such as a certifica te databas e). | 6099 | distr ibuted by "out of ba nd" means (such as a certifica te databas e). | |||
| 9002 | [Stev e Henson] | 6100 | [Stev e Henson] | |||
| 9003 | 6101 | |||||
| 9004 | *) Compl ete the PE M_* macros with DECL ARE_PEM ve rsions to replace th e | 6102 | *) Compl ete the PE M_* macros with DECL ARE_PEM ve rsions to replace th e | |||
| 9005 | funct ion protot ypes in pe m.h, also change uti l/mkdef.pl to add th e | 6103 | funct ion protot ypes in pe m.h, also change uti l/mkdef.pl to add th e | |||
| 9006 | neces sary funct ion names. | 6104 | neces sary funct ion names. | |||
| 9007 | [Stev e Henson] | 6105 | [Stev e Henson] | |||
| 9008 | 6106 | |||||
| 9009 | *) mk1mf .pl (used by Windows builds) d id not pro perly read the | 6107 | *) mk1mf .pl (used by Windows builds) d id not pro perly read the | |||
| 9010 | optio ns set by Configure in the top level Mak efile, and Configure | 6108 | optio ns set by Configure in the top level Mak efile, and Configure | |||
| 9011 | was n ot even ab le to writ e more tha n one opti on correct ly. | 6109 | was n ot even ab le to writ e more tha n one opti on correct ly. | |||
| 9012 | Fixed , now "no- idea no-rc 5 -DCRYPTO _MDEBUG" e tc. works as intende d. | 6110 | Fixed , now "no- idea no-rc 5 -DCRYPTO _MDEBUG" e tc. works as intende d. | |||
| 9013 | [Bodo Moeller] | 6111 | [Bodo Moeller] | |||
| 9014 | 6112 | |||||
| 9015 | *) New f unctions C ONF_load_b io() and C ONF_load_f p() to all ow a confi g | 6113 | *) New f unctions C ONF_load_b io() and C ONF_load_f p() to all ow a confi g | |||
| 9016 | file to be load ed from a BIO or FIL E pointer. The BIO v ersion wil l | 6114 | file to be load ed from a BIO or FIL E pointer. The BIO v ersion wil l | |||
| 9017 | for e xample all ow memory BIOs to co ntain conf ig info. | 6115 | for e xample all ow memory BIOs to co ntain conf ig info. | |||
| 9018 | [Stev e Henson] | 6116 | [Stev e Henson] | |||
| 9019 | 6117 | |||||
| 9020 | *) New f unction "C RYPTO_num_ locks" tha t returns CRYPTO_NUM _LOCKS. | 6118 | *) New f unction "C RYPTO_num_ locks" tha t returns CRYPTO_NUM _LOCKS. | |||
| 9021 | Whoev er hopes t o achieve shared-lib rary compa tibility a cross vers ions | 6119 | Whoev er hopes t o achieve shared-lib rary compa tibility a cross vers ions | |||
| 9022 | must use this, not the co mpile-time macro. | 6120 | must use this, not the co mpile-time macro. | |||
| 9023 | (Exer cise 0.9.4 : Which is the minim um library version r equired by | 6121 | (Exer cise 0.9.4 : Which is the minim um library version r equired by | |||
| 9024 | such programs?) | 6122 | such programs?) | |||
| 9025 | Note: All this applies on ly to mult i-threaded programs, others do n't | 6123 | Note: All this applies on ly to mult i-threaded programs, others do n't | |||
| 9026 | need locks. | 6124 | need locks. | |||
| 9027 | [Bodo Moeller] | 6125 | [Bodo Moeller] | |||
| 9028 | 6126 | |||||
| 9029 | *) Add m issing cas e to s3_cl nt.c state machine - - one of t he new SSL tests | 6127 | *) Add m issing cas e to s3_cl nt.c state machine - - one of t he new SSL tests | |||
| 9030 | throu gh a BIO p air trigge red the de fault case , i.e. | 6128 | throu gh a BIO p air trigge red the de fault case , i.e. | |||
| 9031 | SSLer r(...,SSL_ R_UNKNOWN_ STATE). | 6129 | SSLer r(...,SSL_ R_UNKNOWN_ STATE). | |||
| 9032 | [Bodo Moeller] | 6130 | [Bodo Moeller] | |||
| 9033 | 6131 | |||||
| 9034 | *) New " BIO pair" concept (c rypto/bio/ bss_bio.c) so that a pplication s | 6132 | *) New " BIO pair" concept (c rypto/bio/ bss_bio.c) so that a pplication s | |||
| 9035 | can u se the SSL library e ven if non e of the s pecific BI Os is | 6133 | can u se the SSL library e ven if non e of the s pecific BI Os is | |||
| 9036 | appro priate. | 6134 | appro priate. | |||
| 9037 | [Bodo Moeller] | 6135 | [Bodo Moeller] | |||
| 9038 | 6136 | |||||
| 9039 | *) Fix a bug in i2 d_DSAPubli cKey() whi ch meant i t returned the wrong value | 6137 | *) Fix a bug in i2 d_DSAPubli cKey() whi ch meant i t returned the wrong value | |||
| 9040 | for t he encoded length. | 6138 | for t he encoded length. | |||
| 9041 | [Jeon KyoungHo <khjeon@sd s.samsung. co.kr>] | 6139 | [Jeon KyoungHo <khjeon@sd s.samsung. co.kr>] | |||
| 9042 | 6140 | |||||
| 9043 | *) Add i nitial doc umentation of the X5 09V3 funct ions. | 6141 | *) Add i nitial doc umentation of the X5 09V3 funct ions. | |||
| 9044 | [Stev e Henson] | 6142 | [Stev e Henson] | |||
| 9045 | 6143 | |||||
| 9046 | *) Add a new pair of functio ns PEM_wri te_PKCS8Pr ivateKey() and | 6144 | *) Add a new pair of functio ns PEM_wri te_PKCS8Pr ivateKey() and | |||
| 9047 | PEM_w rite_bio_P KCS8Privat eKey() tha t are equi valent to | 6145 | PEM_w rite_bio_P KCS8Privat eKey() tha t are equi valent to | |||
| 9048 | PEM_w rite_Priva teKey() an d PEM_writ e_bio_Priv ateKey() b ut use the more | 6146 | PEM_w rite_Priva teKey() an d PEM_writ e_bio_Priv ateKey() b ut use the more | |||
| 9049 | secur e PKCS#8 p rivate key format wi th a high iteration count. | 6147 | secur e PKCS#8 p rivate key format wi th a high iteration count. | |||
| 9050 | [Stev e Henson] | 6148 | [Stev e Henson] | |||
| 9051 | 6149 | |||||
| 9052 | *) Fix d eterminati on of Perl interpret er: A perl or perl5 | 6150 | *) Fix d eterminati on of Perl interpret er: A perl or perl5 | |||
| 9053 | _dire ctory_ in $PATH was also accep ted as the interpret er. | 6151 | _dire ctory_ in $PATH was also accep ted as the interpret er. | |||
| 9054 | [Ralf S. Engels chall] | 6152 | [Ralf S. Engels chall] | |||
| 9055 | 6153 | |||||
| 9056 | *) Fix d emos/sign/ sign.c: we ll there w asn't anyt hing stric tly speaki ng | 6154 | *) Fix d emos/sign/ sign.c: we ll there w asn't anyt hing stric tly speaki ng | |||
| 9057 | wrong with it b ut it was very old a nd did thi ngs like c alling | 6155 | wrong with it b ut it was very old a nd did thi ngs like c alling | |||
| 9058 | PEM_A SN1_read() directly and used M D5 for the hash not to mention some | 6156 | PEM_A SN1_read() directly and used M D5 for the hash not to mention some | |||
| 9059 | unusu al formatt ing. | 6157 | unusu al formatt ing. | |||
| 9060 | [Stev e Henson] | 6158 | [Stev e Henson] | |||
| 9061 | 6159 | |||||
| 9062 | *) Fix d emos/selfs ign.c: it used obsol ete and de leted func tions, cha nged | 6160 | *) Fix d emos/selfs ign.c: it used obsol ete and de leted func tions, cha nged | |||
| 9063 | to us e the new extension code. | 6161 | to us e the new extension code. | |||
| 9064 | [Stev e Henson] | 6162 | [Stev e Henson] | |||
| 9065 | 6163 | |||||
| 9066 | *) Imple ment the P EM_read/PE M_write fu nctions in crypto/pe m/pem_all. c | 6164 | *) Imple ment the P EM_read/PE M_write fu nctions in crypto/pe m/pem_all. c | |||
| 9067 | with macros. Th is should make it ea sier to ch ange their form, add extra | 6165 | with macros. Th is should make it ea sier to ch ange their form, add extra | |||
| 9068 | argum ents etc. Fix a few PEM protot ypes which didn't ha ve cipher as a | 6166 | argum ents etc. Fix a few PEM protot ypes which didn't ha ve cipher as a | |||
| 9069 | const ant. | 6167 | const ant. | |||
| 9070 | [Stev e Henson] | 6168 | [Stev e Henson] | |||
| 9071 | 6169 | |||||
| 9072 | *) Add t o configur ation tabl e a new en try that c an specify an altern ative | 6170 | *) Add t o configur ation tabl e a new en try that c an specify an altern ative | |||
| 9073 | name for unistd .h (for pr e-POSIX sy stems); we need this for NeXTs tep, | 6171 | name for unistd .h (for pr e-POSIX sy stems); we need this for NeXTs tep, | |||
| 9074 | accor ding to Ma rk Crispin <MRC@Pand a.COM>. | 6172 | accor ding to Ma rk Crispin <MRC@Pand a.COM>. | |||
| 9075 | [Bodo Moeller] | 6173 | [Bodo Moeller] | |||
| 9076 | 6174 | |||||
| 9077 | #if 0 | 6175 | #if 0 | |||
| 9078 | *) DES C BC did not update th e IV. Weir d. | 6176 | *) DES C BC did not update th e IV. Weir d. | |||
| 9079 | [Ben Laurie] | 6177 | [Ben Laurie] | |||
| 9080 | #else | 6178 | #else | |||
| 9081 | des_c bc_encrypt does not update the IV, but d es_ncbc_en crypt does . | 6179 | des_c bc_encrypt does not update the IV, but d es_ncbc_en crypt does . | |||
| 9082 | Chang ing the be haviour of the forme r might br eak existi ng program s -- | 6180 | Chang ing the be haviour of the forme r might br eak existi ng program s -- | |||
| 9083 | where IV updati ng is need ed, des_nc bc_encrypt can be us ed. | 6181 | where IV updati ng is need ed, des_nc bc_encrypt can be us ed. | |||
| 9084 | #endif | 6182 | #endif | |||
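
The des_cbc_encrypt/des_ncbc_encrypt distinction above matters whenever one message is encrypted across several calls: if the IV buffer is not written back, the second call restarts the chain from the original IV and the result differs from what a single call would produce. The following is an added example written for this page, not OpenSSL code; it uses a constructed toy block function in place of DES (the block cipher is irrelevant to the point) together with constructed key, IV and message values, and shows the two behaviours side by side:

```c
/* Added example: CBC chaining with and without IV write-back. The block
 * function is a constructed toy standing in for DES, not a real cipher. */
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Toy 8-byte block function: XOR with the key, an affine byte map and a byte
 * rotation. Not secure; it only gives CBC something to chain. */
static void toy_block_encrypt(const unsigned char in[8], unsigned char out[8],
                              const unsigned char key[8])
{
    for (int i = 0; i < 8; i++)
        out[(i + 3) % 8] = (unsigned char)(((in[i] ^ key[i]) * 5) + 0x63);
}

/* CBC-encrypt whole 8-byte blocks. update_iv == 1 writes the last ciphertext
 * block back into iv (the des_ncbc_encrypt behaviour); update_iv == 0 leaves
 * iv untouched (the des_cbc_encrypt behaviour). */
static void cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
                        const unsigned char key[8], unsigned char iv[8], int update_iv)
{
    unsigned char chain[8], xored[8];
    memcpy(chain, iv, 8);
    for (size_t off = 0; off + 8 <= len; off += 8) {
        for (int i = 0; i < 8; i++)
            xored[i] = in[off + i] ^ chain[i];
        toy_block_encrypt(xored, out + off, key);
        memcpy(chain, out + off, 8);
    }
    if (update_iv)
        memcpy(iv, chain, 8);
}

/* Constructed inputs: a uniform key and IV, and a 32-byte message whose four
 * blocks are 0x01.., 0x02.., 0x03.., 0x04.. (uniform blocks keep the expected
 * values checkable by hand). */
static const unsigned char KEY[8] = {0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a};
static const unsigned char IV0[8] = {0};

static void sample_message(unsigned char msg[32])
{
    for (int i = 0; i < 32; i++)
        msg[i] = (unsigned char)(1 + i / 8);
}

/* Encrypt the sample message as two 16-byte calls sharing one iv buffer. */
static void encrypt_in_two_calls(int update_iv, unsigned char out[32], unsigned char iv[8])
{
    unsigned char msg[32];
    sample_message(msg);
    memcpy(iv, IV0, 8);
    cbc_encrypt(msg, out, 16, KEY, iv, update_iv);
    cbc_encrypt(msg + 16, out + 16, 16, KEY, iv, update_iv);
}

/* Returns 1 when the two-call ciphertext equals the one-call ciphertext of
 * the same message, else 0. With update_iv == 0 the second call restarts the
 * chain from IV0, so blocks 3 and 4 no longer depend on blocks 1 and 2. */
int cbc_chunked_matches_whole(int update_iv)
{
    unsigned char msg[32], whole[32], chunked[32], iv[8];
    sample_message(msg);
    memcpy(iv, IV0, 8);
    cbc_encrypt(msg, whole, 32, KEY, iv, update_iv);
    encrypt_in_two_calls(update_iv, chunked, iv);
    return memcmp(whole, chunked, 32) == 0;
}

/* iv[0] after the two calls: the last ciphertext byte (0x70 for these inputs)
 * when the IV is written back, the untouched 0x00 from IV0 when it is not. */
int cbc_final_iv_byte(int update_iv)
{
    unsigned char out[32], iv[8];
    encrypt_in_two_calls(update_iv, out, iv);
    return iv[0];
}

int main(void)
{
    printf("IV write-back:    chunked == whole? %d, iv[0]=0x%02x\n",
           cbc_chunked_matches_whole(1), cbc_final_iv_byte(1));
    printf("no IV write-back: chunked == whole? %d, iv[0]=0x%02x\n",
           cbc_chunked_matches_whole(0), cbc_final_iv_byte(0));
    return 0;
}
```

With write-back the chunked and whole ciphertexts agree and the IV buffer ends holding the last ciphertext block; without it the second half of the chunked output is chained from the original IV again, which is the silent divergence a caller of the non-updating variant has to guard against by carrying the chain state itself, or by using the updating variant as the entry recommends.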

  *) When bntest is run from "make test" it drives bc to check its
     calculations, as well as internally checking them. If an internal check
     fails, it needs to cause bc to give a non-zero result or make test carries
     on without noticing the failure. Fixed.
     [Ben Laurie]

  *) DES library cleanups.
     [Ulf Möller]

  *) Add support for PKCS#5 v2.0 PBE algorithms. This will permit PKCS#8 to be
     used with any cipher unlike PKCS#5 v1.5 which can at most handle 64 bit
     ciphers. NOTE: although the key derivation function has been verified
     against some published test vectors it has not been extensively tested
     yet. Added a -v2 "cipher" option to pkcs8 application to allow the use
     of v2.0.
     [Steve Henson]
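
The key derivation function of PKCS#5 v2.0 is PBKDF2 (RFC 2898), and checking it against published vectors, as the entry describes, is the minimum bar for any KDF implementation. As an added example that is not OpenSSL's code, here is PBKDF2-HMAC-SHA1 built on a self-contained SHA-1 and HMAC and checked against the RFC 6070 known-answer vectors for password "password", salt "salt" and 1 and 2 iterations. The fixed 256-byte limit on salt plus counter inside hmac_sha1 is an assumption of this example.

```c
/* Added example: PBKDF2-HMAC-SHA1, the PKCS#5 v2.0 KDF, built from a
 * self-contained SHA-1 and HMAC. Written for this page; not OpenSSL's code. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>
static uint32_t rol(uint32_t x, int n) { return (x << n) | (x >> (32 - n)); }
/* One-shot SHA-1 (FIPS 180-4); padding is applied while assembling blocks. */
static void sha1(const unsigned char *msg, size_t len, unsigned char out[20])
{
    uint32_t h[5] = {0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0};
    size_t padded = ((len + 8) / 64 + 1) * 64; /* msg, 0x80, zeros, 64-bit bit count */
    unsigned char blk[64];
    uint32_t w[80];
    for (size_t off = 0; off < padded; off += 64) {
        for (size_t i = 0; i < 64; i++) {
            size_t p = off + i;
            if (p < len) blk[i] = msg[p];
            else if (p == len) blk[i] = 0x80;
            else if (p >= padded - 8)
                blk[i] = (unsigned char)(((uint64_t)len * 8) >> (8 * (padded - 1 - p)));
            else blk[i] = 0;
        }
        for (int t = 0; t < 16; t++)
            w[t] = (uint32_t)blk[4*t] << 24 | (uint32_t)blk[4*t+1] << 16 |
                   (uint32_t)blk[4*t+2] << 8 | blk[4*t+3];
        for (int t = 16; t < 80; t++)
            w[t] = rol(w[t-3] ^ w[t-8] ^ w[t-14] ^ w[t-16], 1);
        uint32_t a = h[0], b = h[1], c = h[2], d = h[3], e = h[4];
        for (int t = 0; t < 80; t++) {
            uint32_t f, k;
            if (t < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999; }
            else if (t < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1; }
            else if (t < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDC; }
            else             { f = b ^ c ^ d;                   k = 0xCA62C1D6; }
            uint32_t tmp = rol(a, 5) + f + e + k + w[t];
            e = d; d = c; c = rol(b, 30); b = a; a = tmp;
        }
        h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e;
    }
    for (int i = 0; i < 20; i++) out[i] = (unsigned char)(h[i / 4] >> (24 - 8 * (i % 4)));
}
/* HMAC-SHA1 (RFC 2104) over d1||d2, two parts so PBKDF2 needs no extra copy.
 * Keys over 64 bytes are hashed first. The 256-byte data limit is an assumption
 * of this example. Returns 0, or -1 if d1||d2 is too long. */
static int hmac_sha1(const unsigned char *key, size_t klen,
                     const unsigned char *d1, size_t l1,
                     const unsigned char *d2, size_t l2, unsigned char out[20])
{
    unsigned char k[64] = {0}, inner[64 + 256], outer[64 + 20];
    if (l1 + l2 > 256) return -1;
    if (klen > 64) sha1(key, klen, k); else memcpy(k, key, klen);
    for (int i = 0; i < 64; i++) { inner[i] = k[i] ^ 0x36; outer[i] = k[i] ^ 0x5c; }
    memcpy(inner + 64, d1, l1);
    memcpy(inner + 64 + l1, d2, l2);
    sha1(inner, 64 + l1 + l2, outer + 64);
    sha1(outer, 84, out);
    return 0;
}
/* PBKDF2 (RFC 2898 5.2) with HMAC-SHA1 as PRF: T_i = U_1 ^ ... ^ U_c, where
 * U_1 = PRF(P, S || INT(i)), U_j = PRF(P, U_{j-1}); DK = T_1 || T_2 || ...
 * Returns 0, or -1 on zero iterations, zero length or an oversize salt. */
int pbkdf2_hmac_sha1(const unsigned char *pw, size_t pwlen,
                     const unsigned char *salt, size_t saltlen,
                     uint32_t iterations, unsigned char *dk, size_t dklen)
{
    unsigned char u[20], t[20], ctr[4];
    if (iterations == 0 || dklen == 0) return -1;
    for (uint32_t i = 1; dklen > 0; i++) {
        ctr[0] = (unsigned char)(i >> 24); ctr[1] = (unsigned char)(i >> 16);
        ctr[2] = (unsigned char)(i >> 8);  ctr[3] = (unsigned char)i;
        if (hmac_sha1(pw, pwlen, salt, saltlen, ctr, 4, u) != 0) return -1;
        memcpy(t, u, 20);
        for (uint32_t c = 1; c < iterations; c++) {
            hmac_sha1(pw, pwlen, u, 20, u, 0, u);   /* U_j = PRF(P, U_{j-1}) */
            for (int j = 0; j < 20; j++) t[j] ^= u[j];
        }
        size_t take = dklen < 20 ? dklen : 20;
        memcpy(dk, t, take); dk += take; dklen -= take;
    }
    return 0;
}
/* Known-answer check: RFC 6070 vectors for "password"/"salt", c = 1 and c = 2.
 * Returns 1 if both match. */
int pbkdf2_selftest(void)
{
    static const unsigned char v1[20] = {0x0c,0x60,0xc8,0x0f,0x96,0x1f,0x0e,0x71,0xf3,0xa9,
                                         0xb5,0x24,0xaf,0x60,0x12,0x06,0x2f,0xe0,0x37,0xa6};
    static const unsigned char v2[20] = {0xea,0x6c,0x01,0x4d,0xc7,0x2d,0x6f,0x8c,0xcd,0x1e,
                                         0xd9,0x2a,0xce,0x1d,0x41,0xf0,0xd8,0xde,0x89,0x57};
    const unsigned char *pw = (const unsigned char *)"password";
    const unsigned char *salt = (const unsigned char *)"salt";
    unsigned char d[20];
    if (pbkdf2_hmac_sha1(pw, 8, salt, 4, 1, d, 20) != 0 || memcmp(d, v1, 20) != 0) return 0;
    if (pbkdf2_hmac_sha1(pw, 8, salt, 4, 2, d, 20) != 0 || memcmp(d, v2, 20) != 0) return 0;
    return 1;
}
int main(void)
{
    printf("PBKDF2-HMAC-SHA1 self-test: %s\n", pbkdf2_selftest() ? "ok" : "FAILED");
    return pbkdf2_selftest() ? 0 : 1;
}
```

The iteration count is what makes the v2.0 scheme slower to brute-force than a single hash; the two vectors differ only in c, so a wrong chaining of U_j shows up immediately as a mismatch on the second vector while the first still passes.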

  *) Instead of "mkdir -p", which is not fully portable, use new
     Perl script "util/mkdir-p.pl".
     [Bodo Moeller]

  *) Rewrite the way password based encryption (PBE) is handled. It used to
     assume that the ASN1 AlgorithmIdentifier parameter was a PBEParameter
     structure. This was true for the PKCS#5 v1.5 and PKCS#12 PBE algorithms
     but doesn't apply to PKCS#5 v2.0 where it can be something else. Now
     the 'parameter' field of the AlgorithmIdentifier is passed to the
     underlying key generation function so it must do its own ASN1 parsing.
     This has also changed the EVP_PBE_CipherInit() function which now has a
     'parameter' argument instead of literal salt and iteration count values
     and the function EVP_PBE_ALGOR_CipherInit() has been deleted.
     [Steve Henson]

  *) Support for PKCS#5 v1.5 compatible password based encryption algorithms
     and PKCS#8 functionality. New 'pkcs8' application linked to openssl.
     Needed to change the PEM_STRING_EVP_PKEY value which was just "PRIVATE
     KEY" because this clashed with PKCS#8 unencrypted string. Since this
     value was just used as a "magic string" and not used directly its
     value doesn't matter.
     [Steve Henson]

  *) Introduce some semblance of const correctness to BN. Shame C doesn't
     support mutable.
     [Ben Laurie]

  *) "linux-sparc64" configuration (ultrapenguin).
     [Ray Miller <ray.miller@oucs.ox.ac.uk>]
     "linux-sparc" configuration.
     [Christian Forster <fo@hawo.stw.uni-erlangen.de>]

  *) config now generates no-xxx options for missing ciphers.
     [Ulf Möller]

  *) Support the EBCDIC character set (work in progress).
     File ebcdic.c not yet included because it has a different license.
     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]

  *) Support BS2000/OSD-POSIX.
     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]

  *) Make callbacks for key generation use void * instead of char *.
     [Ben Laurie]

  *) Make S/MIME samples compile (not yet tested).
     [Ben Laurie]

  *) Additional typesafe stacks.
     [Ben Laurie]

  *) New configuration variants "bsdi-elf-gcc" (BSD/OS 4.x).
     [Bodo Moeller]


 Changes between 0.9.3 and 0.9.3a  [29 May 1999]

  *) New configuration variant "sco5-gcc".

  *) Updated some demos.
     [Sean O Riordain, Wade Scholine]

  *) Add missing BIO_free at exit of pkcs12 application.
     [Wu Zhigang]

  *) Fix memory leak in conf.c.
     [Steve Henson]

  *) Updates for Win32 to assembler version of MD5.
     [Steve Henson]

  *) Set #! path to perl in apps/der_chop to where we found it
     instead of using a fixed path.
     [Bodo Moeller]

  *) SHA library changes for irix64-mips4-cc.
     [Andy Polyakov]

  *) Improvements for VMS support.
     [Richard Levitte]


 Changes between 0.9.2b and 0.9.3  [24 May 1999]

  *) Bignum library bug fix. IRIX 6 passes "make test" now!
     This also avoids the problems with SC4.2 and unpatched SC5.
     [Andy Polyakov <appro@fy.chalmers.se>]

  *) New functions sk_num, sk_value and sk_set to replace the previous macros.
     These are required because the typesafe stack would otherwise break
     existing code. If old code used a structure member which used to be STACK
     and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with
     sk_num or sk_value it would produce an error because the num, data members
     are not present in STACK_OF. Now it just produces a warning. sk_set
     replaces the old method of assigning a value to sk_value
     (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code
     that does this will no longer work (and should use sk_set instead) but
     this could be regarded as a "questionable" behaviour anyway.
     [Steve Henson]

  *) Fix most of the other PKCS#7 bugs. The "experimental" code can now
     correctly handle encrypted S/MIME data.
     [Steve Henson]

  *) Change type of various DES function arguments from des_cblock
     (which means, in function argument declarations, pointer to char)
     to des_cblock * (meaning pointer to array with 8 char elements),
     which allows the compiler to do more typechecking; it was like
     that back in SSLeay, but with lots of ugly casts.

     Introduce new type const_des_cblock.
     [Bodo Moeller]

  *) Reorganise the PKCS#7 library and get rid of some of the more obvious
     problems: find RecipientInfo structure that matches recipient certificate
     and initialise the ASN1 structures properly based on passed cipher.
     [Steve Henson]

  *) Belatedly make the BN tests actually check the results.
     [Ben Laurie]

  *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
     to and from BNs: it was completely broken. New compilation option
     NEG_PUBKEY_BUG to allow for some broken certificates that encode public
     key elements as negative integers.
     [Steve Henson]
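
Both the d2i_ASN1_INTEGER()/i2d_ASN1_INTEGER() length fix in the entries above and this negative-INTEGER fix come down to the two's-complement rules for DER INTEGER content. The following is an added example written for this page rather than taken from OpenSSL: it encodes and decodes signed 64-bit values under those rules (the function names der_int_encode and der_int_decode are this example's own), computes the content length once when it is determined instead of tracking it through the copy, and checks known encodings. In particular 128 needs a leading 0x00 (02 02 00 80), whereas 02 01 80 is -128; a value whose top bit is set but whose leading zero is missing is exactly the "public key element encoded as a negative integer" shape that the NEG_PUBKEY_BUG option exists to tolerate.

```c
/* Added example: DER INTEGER encoding of signed 64-bit values, written for
 * this page; not OpenSSL's i2d_ASN1_INTEGER/d2i_ASN1_INTEGER. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Encode v as a DER INTEGER (tag 0x02, short-form length) into out, which
 * must hold 10 bytes. Content is big-endian two's complement in shortest
 * form: leading 0x00 bytes are dropped while the next byte has its top bit
 * clear, leading 0xFF bytes while the next byte has its top bit set, so the
 * sign bit of the first remaining byte still matches the sign of v. The
 * content length is fixed once here and reused. Returns the total length. */
size_t der_int_encode(int64_t v, unsigned char *out)
{
    unsigned char be[8];
    uint64_t u = (uint64_t)v;
    for (int i = 7; i >= 0; i--) { be[i] = (unsigned char)(u & 0xff); u >>= 8; }
    size_t start = 0;
    while (start < 7 &&
           ((be[start] == 0x00 && (be[start + 1] & 0x80) == 0) ||
            (be[start] == 0xff && (be[start + 1] & 0x80) != 0)))
        start++;
    size_t len = 8 - start;
    out[0] = 0x02;
    out[1] = (unsigned char)len;
    memcpy(out + 2, be + start, len);
    return 2 + len;
}

/* Decode a DER INTEGER of at most 8 content bytes. Returns bytes consumed, or
 * 0 on malformed input. Non-minimal content (a redundant leading 0x00 or
 * 0xFF) is rejected, as DER requires; a lenient decoder would accept it. */
size_t der_int_decode(const unsigned char *in, size_t inlen, int64_t *v)
{
    if (inlen < 3 || in[0] != 0x02) return 0;
    size_t len = in[1];
    if (len == 0 || len > 8 || 2 + len > inlen) return 0;
    const unsigned char *c = in + 2;
    if (len > 1 && ((c[0] == 0x00 && (c[1] & 0x80) == 0) ||
                    (c[0] == 0xff && (c[1] & 0x80) != 0)))
        return 0;
    uint64_t u = (c[0] & 0x80) ? ~(uint64_t)0 : 0;   /* sign-extend from byte 0 */
    for (size_t i = 0; i < len; i++) u = (u << 8) | c[i];
    *v = (int64_t)u;
    return 2 + len;
}

/* Returns 1 if v survives an encode/decode round trip, else 0. */
int der_int_roundtrip(int64_t v)
{
    unsigned char buf[10];
    int64_t back;
    size_t n = der_int_encode(v, buf);
    return der_int_decode(buf, n, &back) == n && back == v;
}

/* Known-answer checks around the sign-bit boundaries, plus a rejection test
 * for a non-minimal encoding. Returns 1 on success, 0 on the first failure. */
int der_int_selftest(void)
{
    static const struct { int64_t v; const char *hex; } kat[] = {
        {0, "020100"}, {127, "02017f"}, {128, "02020080"}, {256, "02020100"},
        {-1, "0201ff"}, {-128, "020180"}, {-129, "0202ff7f"},
    };
    unsigned char buf[10];
    char hex[21];
    for (size_t k = 0; k < sizeof kat / sizeof kat[0]; k++) {
        size_t n = der_int_encode(kat[k].v, buf);
        for (size_t i = 0; i < n; i++) sprintf(hex + 2 * i, "%02x", buf[i]);
        if (strcmp(hex, kat[k].hex) != 0 || !der_int_roundtrip(kat[k].v)) return 0;
    }
    static const unsigned char bad[] = {0x02, 0x02, 0x00, 0x01}; /* 1 with a redundant 0x00 */
    int64_t dummy;
    return der_int_decode(bad, sizeof bad, &dummy) == 0;
}

int main(void)
{
    printf("DER INTEGER self-test: %s\n", der_int_selftest() ? "ok" : "FAILED");
    return der_int_selftest() ? 0 : 1;
}
```

The decoder's strictness is deliberate: a parser that silently accepts 02 01 80 as 128 would also accept a certificate whose modulus was mis-encoded that way, which is why OpenSSL put that tolerance behind a compile-time option rather than making it the default.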

  *) Reorganize and speed up MD5.
     [Andy Polyakov <appro@fy.chalmers.se>]

  *) VMS support.
     [Richard Levitte <richard@levitte.org>]

  *) New option -out to asn1parse to allow the parsed structure to be
     output to a file. This is most useful when combined with the -strparse
     option to examine the output of things like OCTET STRINGS.
     [Steve Henson]

  *) Make SSL library a little more fool-proof by not requiring any longer
     that SSL_set_{accept,connect}_state be called before
     SSL_{accept,connect} may be used (SSL_set_..._state is omitted
     in many applications because usually everything *appeared* to work as
     intended anyway -- now it really works as intended).
     [Bodo Moeller]

  *) Move openssl.cnf out of lib/.
     [Ulf Möller]

  *) Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall
     -Wshadow -Wpointer-arith -Wcast-align -Wmissing-prototypes
     -Wmissing-declarations -Wnested-externs -Winline'' with EGCS 1.1.2+
     [Ralf S. Engelschall]

  *) Various fixes to the EVP and PKCS#7 code. It may now be able to
     handle PKCS#7 enveloped data properly.
     [Sebastian Akerman <sak@parallelconsulting.com>, modified by Steve]

  *) Create a duplicate of the SSL_CTX's CERT in SSL_new instead of
     copying pointers. The cert_st handling is changed by this in
     various ways (and thus what used to be known as ctx->default_cert
     is now called ctx->cert, since we don't resort to s->ctx->[default_]cert
     any longer when s->cert does not give us what we need).
     ssl_cert_instantiate becomes obsolete by this change.
     As soon as we've got the new code right (possibly it already is?),
     we have solved a couple of bugs of the earlier code where s->cert
     was used as if it could not have been shared with other SSL structures.

     Note that using the SSL API in certain dirty ways now will result
     in different behaviour than observed with earlier library versions:
     Changing settings for an SSL_CTX *ctx after having done s = SSL_new(ctx)
     does not influence s as it used to.

     In order to clean up things more thoroughly, inside SSL_SESSION
     we don't use CERT any longer, but a new structure SESS_CERT
     that holds per-session data (if available); currently, this is
     the peer's certificate chain and, for clients, the server's certificate
     and temporary key. CERT holds only those values that can have
     meaningful defaults in an SSL_CTX.
     [Bodo Moeller]

  *) New function X509V3_EXT_i2d() to create an X509_EXTENSION structure
| 9284 | from the intern al represe ntation. V arious PKC S#7 fixes: remove so me | 6382 | from the intern al represe ntation. V arious PKC S#7 fixes: remove so me | |||
| 9285 | evil casts and set the en c_dig_alg field prop erly based on the si gning | 6383 | evil casts and set the en c_dig_alg field prop erly based on the si gning | |||
| 9286 | key t ype. | 6384 | key t ype. | |||
| 9287 | [Stev e Henson] | 6385 | [Stev e Henson] | |||
| 9288 | 6386 | |||||
| 9289 | *) Allow PKCS#12 p assword to be set fr om the com mand line or the | 6387 | *) Allow PKCS#12 p assword to be set fr om the com mand line or the | |||
| 9290 | envir onment. Le t 'ca' get its confi g file nam e from the environme nt | 6388 | envir onment. Le t 'ca' get its confi g file nam e from the environme nt | |||
| 9291 | varia bles "OPEN SSL_CONF" or "SSLEAY _CONF" (fo r consiste ncy with ' req' | 6389 | varia bles "OPEN SSL_CONF" or "SSLEAY _CONF" (fo r consiste ncy with ' req' | |||
| 9292 | and ' x509'). | 6390 | and ' x509'). | |||
| 9293 | [Stev e Henson] | 6391 | [Stev e Henson] | |||
| 9294 | 6392 | |||||
| 9295 | *) Allow certifica te policie s extensio n to use a n IA5STRIN G for the | 6393 | *) Allow certifica te policie s extensio n to use a n IA5STRIN G for the | |||
| 9296 | organ ization fi eld. This is contrar y to the P KIX defini tion but | 6394 | organ ization fi eld. This is contrar y to the P KIX defini tion but | |||
| 9297 | VeriS ign uses i t and IE5 only recog nises this form. Doc ument 'x50 9' | 6395 | VeriS ign uses i t and IE5 only recog nises this form. Doc ument 'x50 9' | |||
| 9298 | exten sion optio n. | 6396 | exten sion optio n. | |||
| 9299 | [Stev e Henson] | 6397 | [Stev e Henson] | |||
| 9300 | 6398 | |||||
| 9301 | *) Add P EDANTIC co mpiler fla g to allow compilati on with gc c -pedanti c, | 6399 | *) Add P EDANTIC co mpiler fla g to allow compilati on with gc c -pedanti c, | |||
| 9302 | witho ut disallo wing inlin e assemble r and the like for n on-pedanti c builds. | 6400 | witho ut disallo wing inlin e assemble r and the like for n on-pedanti c builds. | |||
| 9303 | [Ben Laurie] | 6401 | [Ben Laurie] | |||
| 9304 | 6402 | |||||
| 9305 | *) Suppo rt Borland C++ build er. | 6403 | *) Suppo rt Borland C++ build er. | |||
| 9306 | [Jane z Jere <jj @void.si>, modified by Ulf Möl ler] | 6404 | [Jane z Jere <jj @void.si>, modified by Ulf Möl ler] | |||
| 9307 | 6405 | |||||
| 9308 | *) Suppo rt Mingw32 . | 6406 | *) Suppo rt Mingw32 . | |||
| 9309 | [Ulf Möller] | 6407 | [Ulf Möller] | |||
| 9310 | 6408 | |||||
| 9311 | *) SHA-1 cleanups and perfor mance enha ncements. | 6409 | *) SHA-1 cleanups and perfor mance enha ncements. | |||
| 9312 | [Andy Polyakov <appro@fy. chalmers.s e>] | 6410 | [Andy Polyakov <appro@fy. chalmers.s e>] | |||
| 9313 | 6411 | |||||
| 9314 | *) Sparc v8plus as sembler fo r the bign um library . | 6412 | *) Sparc v8plus as sembler fo r the bign um library . | |||
| 9315 | [Andy Polyakov <appro@fy. chalmers.s e>] | 6413 | [Andy Polyakov <appro@fy. chalmers.s e>] | |||
| 9316 | 6414 | |||||
| 9317 | *) Accep t any -xxx and +xxx compiler o ptions in Configure. | 6415 | *) Accep t any -xxx and +xxx compiler o ptions in Configure. | |||
| 9318 | [Ulf Möller] | 6416 | [Ulf Möller] | |||
| 9319 | 6417 | |||||
| 9320 | *) Updat e HPUX con figuration . | 6418 | *) Updat e HPUX con figuration . | |||
| 9321 | [Anon ymous] | 6419 | [Anon ymous] | |||
| 9322 | 6420 | |||||
| 9323 | *) Add m issing sk_ <type>_uns hift() fun ction to s afestack.h | 6421 | *) Add m issing sk_ <type>_uns hift() fun ction to s afestack.h | |||
| 9324 | [Ralf S. Engels chall] | 6422 | [Ralf S. Engels chall] | |||
| 9325 | 6423 | |||||
| 9326 | *) New f unction SS L_CTX_use_ certificat e_chain_fi le that se ts the | 6424 | *) New f unction SS L_CTX_use_ certificat e_chain_fi le that se ts the | |||
| 9327 | "extr a_cert"s i n addition to the ce rtificate. (This ma kes sense | 6425 | "extr a_cert"s i n addition to the ce rtificate. (This ma kes sense | |||
| 9328 | only for "PEM" format fil es, as cha ins as a w hole are n ot | 6426 | only for "PEM" format fil es, as cha ins as a w hole are n ot | |||
| 9329 | DER-e ncoded.) | 6427 | DER-e ncoded.) | |||
| 9330 | [Bodo Moeller] | 6428 | [Bodo Moeller] | |||
| 9331 | 6429 | |||||
| 9332 | *) Suppo rt verify_ depth from the SSL A PI. | 6430 | *) Suppo rt verify_ depth from the SSL A PI. | |||
| 9333 | x509_ vfy.c had what can b e consider ed an off- by-one-err or: | 6431 | x509_ vfy.c had what can b e consider ed an off- by-one-err or: | |||
| 9334 | Its d epth (whic h was not part of th e external interface ) | 6432 | Its d epth (whic h was not part of th e external interface ) | |||
| 9335 | was a ctually co unting the number of certifica tes in a c hain; | 6433 | was a ctually co unting the number of certifica tes in a c hain; | |||
| 9336 | now i t really c ounts the depth. | 6434 | now i t really c ounts the depth. | |||
| 9337 | [Bodo Moeller] | 6435 | [Bodo Moeller] | |||
| 9338 | 6436 | |||||
| 9339 | *) Bugfi x in crypt o/x509/x50 9_cmp.c: T he SSLerr macro was used | 6437 | *) Bugfi x in crypt o/x509/x50 9_cmp.c: T he SSLerr macro was used | |||
| 9340 | inste ad of X509 err, which often res ulted in c onfusing e rror | 6438 | inste ad of X509 err, which often res ulted in c onfusing e rror | |||
| 9341 | messa ges since the error codes are not global ly unique | 6439 | messa ges since the error codes are not global ly unique | |||
| 9342 | (e.g. an allege d error in ssl3_acce pt when a certificat e | 6440 | (e.g. an allege d error in ssl3_acce pt when a certificat e | |||
| 9343 | didn' t match th e private key). | 6441 | didn' t match th e private key). | |||
| 9344 | 6442 | |||||
| 9345 | *) New f unction SS L_CTX_set_ session_id _context t hat allows to set a default | 6443 | *) New f unction SS L_CTX_set_ session_id _context t hat allows to set a default | |||
| 9346 | value (so that you don't need SSL_s et_session _id_contex t for each | 6444 | value (so that you don't need SSL_s et_session _id_contex t for each | |||
| 9347 | conne ction usin g the SSL_ CTX). | 6445 | conne ction usin g the SSL_ CTX). | |||
| 9348 | [Bodo Moeller] | 6446 | [Bodo Moeller] | |||
| 9349 | 6447 | |||||
| 9350 | *) OAEP decoding b ug fix. | 6448 | *) OAEP decoding b ug fix. | |||
| 9351 | [Ulf Möller] | 6449 | [Ulf Möller] | |||
| 9352 | 6450 | |||||
| 9353 | *) Suppo rt INSTALL _PREFIX fo r package builders, as propose d by | 6451 | *) Suppo rt INSTALL _PREFIX fo r package builders, as propose d by | |||
| 9354 | David Harris. | 6452 | David Harris. | |||
| 9355 | [Bodo Moeller] | 6453 | [Bodo Moeller] | |||
| 9356 | 6454 | |||||
| 9357 | *) New C onfigure o ptions "th reads" and "no-threa ds". For systems | 6455 | *) New C onfigure o ptions "th reads" and "no-threa ds". For systems | |||
| 9358 | where the prope r compiler options a re known ( currently Solaris | 6456 | where the prope r compiler options a re known ( currently Solaris | |||
| 9359 | and L inux), "th reads" is the defaul t. | 6457 | and L inux), "th reads" is the defaul t. | |||
| 9360 | [Bodo Moeller] | 6458 | [Bodo Moeller] | |||
| 9361 | 6459 | |||||
| 9362 | *) New s cript util /mklink.pl as a fast er substit ute for ut il/mklink. sh. | 6460 | *) New s cript util /mklink.pl as a fast er substit ute for ut il/mklink. sh. | |||
| 9363 | [Bodo Moeller] | 6461 | [Bodo Moeller] | |||
| 9364 | 6462 | |||||
| 9365 | *) Insta ll various scripts t o $(OPENSS LDIR)/misc , not to | 6463 | *) Insta ll various scripts t o $(OPENSS LDIR)/misc , not to | |||
| 9366 | $(INS TALLTOP)/b in -- they shouldn't clutter d irectories | 6464 | $(INS TALLTOP)/b in -- they shouldn't clutter d irectories | |||
| 9367 | such as /usr/lo cal/bin. | 6465 | such as /usr/lo cal/bin. | |||
| 9368 | [Bodo Moeller] | 6466 | [Bodo Moeller] | |||
| 9369 | 6467 | |||||
| 9370 | *) "make linux-sha red" to bu ild shared libraries . | 6468 | *) "make linux-sha red" to bu ild shared libraries . | |||
| 9371 | [Niel s Poppe <n iels@netbo x.org>] | 6469 | [Niel s Poppe <n iels@netbo x.org>] | |||
| 9372 | 6470 | |||||
| 9373 | *) New C onfigure o ption no-< cipher> (r sa, idea, rc5, ...). | 6471 | *) New C onfigure o ption no-< cipher> (r sa, idea, rc5, ...). | |||
| 9374 | [Ulf Möller] | 6472 | [Ulf Möller] | |||
| 9375 | 6473 | |||||
| 9376 | *) Add t he PKCS#12 API docum entation t o openssl. txt. Preli minary sup port for | 6474 | *) Add t he PKCS#12 API docum entation t o openssl. txt. Preli minary sup port for | |||
| 9377 | exten sion addin g in x509 utility. | 6475 | exten sion addin g in x509 utility. | |||
| 9378 | [Stev e Henson] | 6476 | [Stev e Henson] | |||
| 9379 | 6477 | |||||
| 9380 | *) Remov e NOPROTO sections a nd error c ode commen ts. | 6478 | *) Remov e NOPROTO sections a nd error c ode commen ts. | |||
| 9381 | [Ulf Möller] | 6479 | [Ulf Möller] | |||
| 9382 | 6480 | |||||
| 9383 | *) Parti al rewrite of the DE F file gen erator to now parse the ANSI | 6481 | *) Parti al rewrite of the DE F file gen erator to now parse the ANSI | |||
| 9384 | proto types. | 6482 | proto types. | |||
| 9385 | [Stev e Henson] | 6483 | [Stev e Henson] | |||
| 9386 | 6484 | |||||
| 9387 | *) New C onfigure o ptions --p refix=DIR and --open ssldir=DIR . | 6485 | *) New C onfigure o ptions --p refix=DIR and --open ssldir=DIR . | |||
| 9388 | [Ulf Möller] | 6486 | [Ulf Möller] | |||
| 9389 | 6487 | |||||
| 9390 | *) Compl ete rewrit e of the e rror code script(s). It is all now handl ed | 6488 | *) Compl ete rewrit e of the e rror code script(s). It is all now handl ed | |||
| 9391 | by on e script a t the top level whic h handles error code gathering , | 6489 | by on e script a t the top level whic h handles error code gathering , | |||
| 9392 | heade r rewritin g and C so urce file generation . It shoul d be much better | 6490 | heade r rewritin g and C so urce file generation . It shoul d be much better | |||
| 9393 | than the old me thod: it n ow uses a modified v ersion of Ulf's pars er to | 6491 | than the old me thod: it n ow uses a modified v ersion of Ulf's pars er to | |||
| 9394 | read the ANSI p rototypes in all hea der files (thus the old K&R de finitions | 6492 | read the ANSI p rototypes in all hea der files (thus the old K&R de finitions | |||
| 9395 | aren' t needed f or error c reation an y more) an d do a bet ter job of | 6493 | aren' t needed f or error c reation an y more) an d do a bet ter job of | |||
| 9396 | trans lating fun ction code s into nam es. The ol d 'ASN1 er ror code i mbedded | 6494 | trans lating fun ction code s into nam es. The ol d 'ASN1 er ror code i mbedded | |||
| 9397 | in a comment' i s no longe r necessar y and it d oesn't use .err file s which | 6495 | in a comment' i s no longe r necessar y and it d oesn't use .err file s which | |||
| 9398 | have now been d eleted. Al so the err or code ca ll doesn't have to a ppear all | 6496 | have now been d eleted. Al so the err or code ca ll doesn't have to a ppear all | |||
| 9399 | on on e line (wh ich result ed in some large lin es...). | 6497 | on on e line (wh ich result ed in some large lin es...). | |||
| 9400 | [Stev e Henson] | 6498 | [Stev e Henson] | |||
| 9401 | 6499 | |||||
| 9402 | *) Chang e #include filenames from <foo .h> to <op enssl/foo. h>. | 6500 | *) Chang e #include filenames from <foo .h> to <op enssl/foo. h>. | |||
| 9403 | [Bodo Moeller] | 6501 | [Bodo Moeller] | |||
| 9404 | 6502 | |||||
| 9405 | *) Chang e behaviou r of ssl2_ read when facing len gth-0 pack ets: Don't return | 6503 | *) Chang e behaviou r of ssl2_ read when facing len gth-0 pack ets: Don't return | |||
| 9406 | 0 (wh ich usuall y indicate s a closed connectio n), but co ntinue rea ding. | 6504 | 0 (wh ich usuall y indicate s a closed connectio n), but co ntinue rea ding. | |||
| 9407 | [Bodo Moeller] | 6505 | [Bodo Moeller] | |||
| 9408 | 6506 | |||||
| 9409 | *) Fix s ome race c onditions. | 6507 | *) Fix s ome race c onditions. | |||
| 9410 | [Bodo Moeller] | 6508 | [Bodo Moeller] | |||
| 9411 | 6509 | |||||
| 9412 | *) Add s upport for CRL distr ibution po ints exten sion. Add Certificat e | 6510 | *) Add s upport for CRL distr ibution po ints exten sion. Add Certificat e | |||
| 9413 | Polic ies and CR L distribu tion point s document ation. | 6511 | Polic ies and CR L distribu tion point s document ation. | |||
| 9414 | [Stev e Henson] | 6512 | [Stev e Henson] | |||
| 9415 | 6513 | |||||
| 9416 | *) Move the autoge nerated he ader file parts to c rypto/open sslconf.h. | 6514 | *) Move the autoge nerated he ader file parts to c rypto/open sslconf.h. | |||
| 9417 | [Ulf Möller] | 6515 | [Ulf Möller] | |||
| 9418 | 6516 | |||||
| 9419 | *) Fix n ew 56-bit DES export ciphersui tes: they were using 7 bytes i nstead of | 6517 | *) Fix n ew 56-bit DES export ciphersui tes: they were using 7 bytes i nstead of | |||
| 9420 | 8 of keying mat erial. Mer lin has al so confirm ed interop with this fix | 6518 | 8 of keying mat erial. Mer lin has al so confirm ed interop with this fix | |||
| 9421 | betwe en OpenSSL and Balti more C/SSL 2.0 and J /SSL 2.0. | 6519 | betwe en OpenSSL and Balti more C/SSL 2.0 and J /SSL 2.0. | |||
| 9422 | [Merl in Hughes <merlin@ba ltimore.ie >] | 6520 | [Merl in Hughes <merlin@ba ltimore.ie >] | |||
| 9423 | 6521 | |||||
| 9424 | *) Fix l ots of war nings. | 6522 | *) Fix l ots of war nings. | |||
| 9425 | [Rich ard Levitt e <levitte @stacken.k th.se>] | 6523 | [Rich ard Levitt e <levitte @stacken.k th.se>] | |||
| 9426 | 6524 | |||||
| 9427 | *) In ad d_cert_dir () in cryp to/x509/by _dir.c, br eak out of the loop if | 6525 | *) In ad d_cert_dir () in cryp to/x509/by _dir.c, br eak out of the loop if | |||
| 9428 | the d irectory s pec didn't end with a LIST_SEP ARATOR_CHA R. | 6526 | the d irectory s pec didn't end with a LIST_SEP ARATOR_CHA R. | |||
| 9429 | [Rich ard Levitt e <levitte @stacken.k th.se>] | 6527 | [Rich ard Levitt e <levitte @stacken.k th.se>] | |||
| 9430 | 6528 | |||||
| 9431 | *) Fix p roblems wi th sizeof( long) == 8 . | 6529 | *) Fix p roblems wi th sizeof( long) == 8 . | |||
| 9432 | [Andy Polyakov <appro@fy. chalmers.s e>] | 6530 | [Andy Polyakov <appro@fy. chalmers.s e>] | |||
| 9433 | 6531 | |||||
| 9434 | *) Chang e function s to ANSI C. | 6532 | *) Chang e function s to ANSI C. | |||
| 9435 | [Ulf Möller] | 6533 | [Ulf Möller] | |||
| 9436 | 6534 | |||||
| 9437 | *) Fix t ypos in er ror codes. | 6535 | *) Fix t ypos in er ror codes. | |||
| 9438 | [Mart in Kraemer <Martin.K raemer@Mch P.Siemens. De>, Ulf M öller] | 6536 | [Mart in Kraemer <Martin.K raemer@Mch P.Siemens. De>, Ulf M öller] | |||
| 9439 | 6537 | |||||
| 9440 | *) Remov e defunct assembler files from Configure . | 6538 | *) Remov e defunct assembler files from Configure . | |||
| 9441 | [Ulf Möller] | 6539 | [Ulf Möller] | |||
| 9442 | 6540 | |||||
| 9443 | *) SPARC v8 assemb ler BIGNUM implement ation. | 6541 | *) SPARC v8 assemb ler BIGNUM implement ation. | |||
| 9444 | [Andy Polyakov <appro@fy. chalmers.s e>] | 6542 | [Andy Polyakov <appro@fy. chalmers.s e>] | |||
| 9445 | 6543 | |||||
| 9446 | *) Suppo rt for Cer tificate P olicies ex tension: b oth print and set. | 6544 | *) Suppo rt for Cer tificate P olicies ex tension: b oth print and set. | |||
| 9447 | Vario us additio ns to supp ort the r2 i method t his uses. | 6545 | Vario us additio ns to supp ort the r2 i method t his uses. | |||
| 9448 | [Stev e Henson] | 6546 | [Stev e Henson] | |||
| 9449 | 6547 | |||||
| 9450 | *) A lot of consti fication, and fix a bug in X50 9_NAME_one line() tha t could | 6548 | *) A lot of consti fication, and fix a bug in X50 9_NAME_one line() tha t could | |||
| 9451 | retur n a const string whe n you are expecting an allocat ed buffer. | 6549 | retur n a const string whe n you are expecting an allocat ed buffer. | |||
| 9452 | [Ben Laurie] | 6550 | [Ben Laurie] | |||
| 9453 | 6551 | |||||
| 9454 | *) Add s upport for ASN1 type s UTF8Stri ng and VIS IBLESTRING , also the CHOICE | 6552 | *) Add s upport for ASN1 type s UTF8Stri ng and VIS IBLESTRING , also the CHOICE | |||
| 9455 | types Directory String and DisplayTe xt. | 6553 | types Directory String and DisplayTe xt. | |||
| 9456 | [Stev e Henson] | 6554 | [Stev e Henson] | |||
| 9457 | 6555 | |||||
| 9458 | *) Add c ode to all ow r2i ext ensions to access th e configur ation data base, | 6556 | *) Add c ode to all ow r2i ext ensions to access th e configur ation data base, | |||
| 9459 | add a n LHASH da tabase dri ver and ad d several ctx helper functions . | 6557 | add a n LHASH da tabase dri ver and ad d several ctx helper functions . | |||
| 9460 | [Stev e Henson] | 6558 | [Stev e Henson] | |||
| 9461 | 6559 | |||||
| 9462 | *) Fix a n evil bug in bn_exp and2() whi ch caused various BN functions to | 6560 | *) Fix a n evil bug in bn_exp and2() whi ch caused various BN functions to | |||
| 9463 | fail when they extended t he size of a BIGNUM. | 6561 | fail when they extended t he size of a BIGNUM. | |||
| 9464 | [Stev e Henson] | 6562 | [Stev e Henson] | |||
| 9465 | 6563 | |||||
| 9466 | *) Vario us utility functions to handle SXNet ext ension. Mo dify mkdef .pl to | 6564 | *) Vario us utility functions to handle SXNet ext ension. Mo dify mkdef .pl to | |||
| 9467 | suppo rt typesaf e stack. | 6565 | suppo rt typesaf e stack. | |||
| 9468 | [Stev e Henson] | 6566 | [Stev e Henson] | |||
| 9469 | 6567 | |||||
| 9470 | *) Fix t ypo in SSL _[gs]et_op tions(). | 6568 | *) Fix t ypo in SSL _[gs]et_op tions(). | |||
| 9471 | [Nils Frostberg <nils@med com.se>] | 6569 | [Nils Frostberg <nils@med com.se>] | |||
| 9472 | 6570 | |||||
| 9473 | *) Delet e various functions and files that belon ged to the (now obso lete) | 6571 | *) Delet e various functions and files that belon ged to the (now obso lete) | |||
| 9474 | old X 509V3 hand ling code. | 6572 | old X 509V3 hand ling code. | |||
| 9475 | [Stev e Henson] | 6573 | [Stev e Henson] | |||
| 9476 | 6574 | |||||
| 9477 | *) New C onfigure o ption "rsa ref". | 6575 | *) New C onfigure o ption "rsa ref". | |||
| 9478 | [Ulf Möller] | 6576 | [Ulf Möller] | |||
| 9479 | 6577 | |||||
| 9480 | *) Don't auto-gene rate pem.h . | 6578 | *) Don't auto-gene rate pem.h . | |||
| 9481 | [Bodo Moeller] | 6579 | [Bodo Moeller] | |||
| 9482 | 6580 | |||||
| 9483 | *) Intro duce type- safe ASN.1 SETs. | 6581 | *) Intro duce type- safe ASN.1 SETs. | |||
| 9484 | [Ben Laurie] | 6582 | [Ben Laurie] | |||
| 9485 | 6583 | |||||
| 9486 | *) Conve rt various additiona l casted s tacks to t ype-safe S TACK_OF() variants. | 6584 | *) Conve rt various additiona l casted s tacks to t ype-safe S TACK_OF() variants. | |||
| 9487 | [Ben Laurie, Ra lf S. Enge lschall, S teve Henso n] | 6585 | [Ben Laurie, Ra lf S. Enge lschall, S teve Henso n] | |||
| 9488 | 6586 | |||||
| 9489 | *) Intro duce type- safe STACK s. This wi ll almost certainly break lots of code | 6587 | *) Intro duce type- safe STACK s. This wi ll almost certainly break lots of code | |||
| 9490 | that links with OpenSSL ( well at le ast cause lots of wa rnings), b ut fear | 6588 | that links with OpenSSL ( well at le ast cause lots of wa rnings), b ut fear | |||
| 9491 | not: the conver sion is tr ivial, and it elimin ates loads of evil c asts. A | 6589 | not: the conver sion is tr ivial, and it elimin ates loads of evil c asts. A | |||
| 9492 | few S TACKed thi ngs have b een conver ted alread y. Feel fr ee to conv ert more. | 6590 | few S TACKed thi ngs have b een conver ted alread y. Feel fr ee to conv ert more. | |||
| 9493 | In th e fullness of time, I'll do aw ay with th e STACK ty pe altoget her. | 6591 | In th e fullness of time, I'll do aw ay with th e STACK ty pe altoget her. | |||
| 9494 | [Ben Laurie] | 6592 | [Ben Laurie] | |||
| 9495 | 6593 | |||||
| 9496 | *) Add ` openssl ca -revoke < certfile>' facility which revo kes a cert ificate | 6594 | *) Add ` openssl ca -revoke < certfile>' facility which revo kes a cert ificate | |||
| 9497 | speci fied in <c ertfile> b y updating the entry in the in dex.txt fi le. | 6595 | speci fied in <c ertfile> b y updating the entry in the in dex.txt fi le. | |||
| 9498 | This way one no longer ha s to edit the index. txt file m anually fo r | 6596 | This way one no longer ha s to edit the index. txt file m anually fo r | |||
| 9499 | revok ing a cert ificate. T he -revoke option do es the gor y details now. | 6597 | revok ing a cert ificate. T he -revoke option do es the gor y details now. | |||
| 9500 | [Mass imiliano P ala <madwo lf@openca. org>, Ralf S. Engels chall] | 6598 | [Mass imiliano P ala <madwo lf@openca. org>, Ralf S. Engels chall] | |||
| 9501 | 6599 | |||||
| 9502 | *) Fix ` openssl cr l -noout - text' comb ination wh ere `-noou t' killed the | 6600 | *) Fix ` openssl cr l -noout - text' comb ination wh ere `-noou t' killed the | |||
| 9503 | `-tex t' option at all and this way the `-noou t -text' c ombination was | 6601 | `-tex t' option at all and this way the `-noou t -text' c ombination was | |||
| 9504 | incon sistent in `openssl crl' with the friend s in `open ssl x509|r sa|dsa'. | 6602 | incon sistent in `openssl crl' with the friend s in `open ssl x509|r sa|dsa'. | |||
| 9505 | [Ralf S. Engels chall] | 6603 | [Ralf S. Engels chall] | |||
| 9506 | 6604 | |||||
| 9507 | *) Make sure a cor responding plain tex t error me ssage exis ts for the | 6605 | *) Make sure a cor responding plain tex t error me ssage exis ts for the | |||
| 9508 | X509_ V_ERR_CERT _REVOKED/2 3 error nu mber which can occur when a | 6606 | X509_ V_ERR_CERT _REVOKED/2 3 error nu mber which can occur when a | |||
| 9509 | verif y callback function determined that a ce rtificate was revoke d. | 6607 | verif y callback function determined that a ce rtificate was revoke d. | |||
| 9510 | [Ralf S. Engels chall] | 6608 | [Ralf S. Engels chall] | |||
| 9511 | 6609 | |||||
| 9512 | *) Bugfi x: In test /testenc, don't test "openssl <cipher>" for | 6610 | *) Bugfi x: In test /testenc, don't test "openssl <cipher>" for | |||
| 9513 | ciphe rs that we re exclude d, e.g. by -DNO_IDEA . Also, t est | 6611 | ciphe rs that we re exclude d, e.g. by -DNO_IDEA . Also, t est | |||
| 9514 | all a vailable c ipers incl uding rc5, which was forgotten until now . | 6612 | all a vailable c ipers incl uding rc5, which was forgotten until now . | |||
| 9515 | In or der to let the testi ng shell s cript know which alg orithms | 6613 | In or der to let the testi ng shell s cript know which alg orithms | |||
| 9516 | are a vailable, a new (up to now und ocumented) command | 6614 | are a vailable, a new (up to now und ocumented) command | |||
| 9517 | "open ssl list-c ipher-comm ands" is u sed. | 6615 | "open ssl list-c ipher-comm ands" is u sed. | |||
| 9518 | [Bodo Moeller] | 6616 | [Bodo Moeller] | |||
| 9519 | 6617 | |||||
| 9520 | *) Bugfi x: s_clien t occasion ally would sleep in select() w hen | 6618 | *) Bugfi x: s_clien t occasion ally would sleep in select() w hen | |||
| 9521 | it sh ould have checked SS L_pending( ) first. | 6619 | it sh ould have checked SS L_pending( ) first. | |||
| 9522 | [Bodo Moeller] | 6620 | [Bodo Moeller] | |||
| 9523 | 6621 | |||||
| 9524 | *) New f unctions D SA_do_sign and DSA_d o_verify t o provide access to | 6622 | *) New f unctions D SA_do_sign and DSA_d o_verify t o provide access to | |||
| 9525 | the r aw DSA val ues prior to ASN.1 e ncoding. | 6623 | the r aw DSA val ues prior to ASN.1 e ncoding. | |||
| 9526 | [Ulf Möller] | 6624 | [Ulf Möller] | |||
| 9527 | 6625 | |||||
| 9528 | *) Tweak s to Confi gure | 6626 | *) Tweak s to Confi gure | |||
| 9529 | [Niel s Poppe <n iels@netbo x.org>] | 6627 | [Niel s Poppe <n iels@netbo x.org>] | |||
| 9530 | 6628 | |||||
| 9531 | *) Add s upport for PKCS#5 v2 .0 ASN1 PB ES2 struct ures. No o ther suppo rt, | 6629 | *) Add s upport for PKCS#5 v2 .0 ASN1 PB ES2 struct ures. No o ther suppo rt, | |||
| 9532 | yet.. . | 6630 | yet.. . | |||
| 9533 | [Stev e Henson] | 6631 | [Stev e Henson] | |||
| 9534 | 6632 | |||||
| 9535 | *) New v ariables $ (RANLIB) a nd $(PERL) in the Ma kefiles. | 6633 | *) New v ariables $ (RANLIB) a nd $(PERL) in the Ma kefiles. | |||
| 9536 | [Ulf Möller] | 6634 | [Ulf Möller] | |||
| 9537 | 6635 | |||||
| 9538 | *) New c onfig opti on to avoi d instruct ions that are illega l on the 8 0386. | 6636 | *) New c onfig opti on to avoi d instruct ions that are illega l on the 8 0386. | |||
| 9539 | The d efault cod e is faste r, but req uires at l east a 486 . | 6637 | The d efault cod e is faste r, but req uires at l east a 486 . | |||
| 9540 | [Ulf Möller] | 6638 | [Ulf Möller] | |||
| 9541 | 6639 | |||||
| 9542 | *) Got r id of old SSL2_CLIEN T_VERSION (inconsist ently used ) and | 6640 | *) Got r id of old SSL2_CLIEN T_VERSION (inconsist ently used ) and | |||
| 9543 | SSL2_ SERVER_VER SION (not used at al l) macros, which are now the | 6641 | SSL2_ SERVER_VER SION (not used at al l) macros, which are now the | |||
| 9544 | same as SSL2_VE RSION anyw ay. | 6642 | same as SSL2_VE RSION anyw ay. | |||
| 9545 | [Bodo Moeller] | 6643 | [Bodo Moeller] | |||
| 9546 | 6644 | |||||
| 9547 | *) New " -showcerts " option f or s_clien t. | 6645 | *) New " -showcerts " option f or s_clien t. | |||
| 9548 | [Bodo Moeller] | 6646 | [Bodo Moeller] | |||
| 9549 | 6647 | |||||
| 9550 | *) Still more PKCS #12 integr ation. Add pkcs12 ap plication to openssl | 6648 | *) Still more PKCS #12 integr ation. Add pkcs12 ap plication to openssl | |||
| 9551 | appli cation. Va rious clea nups and f ixes. | 6649 | appli cation. Va rious clea nups and f ixes. | |||
| 9552 | [Stev e Henson] | 6650 | [Stev e Henson] | |||
| 9553 | 6651 | |||||
| 9554 | *) More PKCS#12 in tegration. Add new p kcs12 dire ctory with Makefile. ssl and | 6652 | *) More PKCS#12 in tegration. Add new p kcs12 dire ctory with Makefile. ssl and | |||
| 9555 | modif y error ro utines to work inter nally. Add error cod es and PBE init | 6653 | modif y error ro utines to work inter nally. Add error cod es and PBE init | |||
| 9556 | to li brary star tup routin es. | 6654 | to li brary star tup routin es. | |||
| 9557 | [Stev e Henson] | 6655 | [Stev e Henson] | |||
| 9558 | 6656 | |||||
| 9559 | *) Furth er PKCS#12 integrati on. Added password b ased encry ption, PKC S#8 and | 6657 | *) Furth er PKCS#12 integrati on. Added password b ased encry ption, PKC S#8 and | |||
| 9560 | packi ng functio ns to asn1 and evp. Changed fu nction nam es and err or | 6658 | packi ng functio ns to asn1 and evp. Changed fu nction nam es and err or | |||
| 9561 | codes along the way. | 6659 | codes along the way. | |||
| 9562 | [Stev e Henson] | 6660 | [Stev e Henson] | |||
| 9563 | 6661 | |||||
| 9564 | *) PKCS1 2 integrat ion: and s o it begin s... First of severa l patches to | 6662 | *) PKCS1 2 integrat ion: and s o it begin s... First of severa l patches to | |||
| 9565 | slowl y integrat e PKCS#12 functional ity into O penSSL. Ad d PKCS#12 | 6663 | slowl y integrat e PKCS#12 functional ity into O penSSL. Ad d PKCS#12 | |||
| 9566 | objec ts to obje cts.h | 6664 | objec ts to obje cts.h | |||
| 9567 | [Stev e Henson] | 6665 | [Stev e Henson] | |||
| 9568 | 6666 | |||||
| 9569 | *) Add a new 'inde nt' option to some X 509V3 exte nsion code . Initial ASN1 | 6667 | *) Add a new 'inde nt' option to some X 509V3 exte nsion code . Initial ASN1 | |||
| 9570 | and d isplay sup port for T hawte stro ng extrane t extensio n. | 6668 | and d isplay sup port for T hawte stro ng extrane t extensio n. | |||
| 9571 | [Stev e Henson] | 6669 | [Stev e Henson] | |||
| 9572 | 6670 | |||||
| 9573 | *) Add L inuxPPC su pport. | 6671 | *) Add L inuxPPC su pport. | |||
| 9574 | [Jeff Dubrule < igor@pobox .org>] | 6672 | [Jeff Dubrule < igor@pobox .org>] | |||
| 9575 | 6673 | |||||
| 9576 | *) Get r id of redu ndant BN f ile bn_mul w.c, and r ename bn_d iv64 to | 6674 | *) Get r id of redu ndant BN f ile bn_mul w.c, and r ename bn_d iv64 to | |||
| 9577 | bn_di v_words in alpha.s. | 6675 | bn_di v_words in alpha.s. | |||
| 9578 | [Hannes Reinecke <H.Reinecke@hw.ac.uk> and Ben Laurie] | 6676 | [Hannes Reinecke <H.Reinecke@hw.ac.uk> and Ben Laurie] | |||
| 9579 | 6677 | |||||
| 9580 | *) Make sure the RSA OAEP test is skipped under -DRSAref because | 6678 | *) Make sure the RSA OAEP test is skipped under -DRSAref because | |||
| 9581 | OAEP isn't supported when OpenSSL is built with RSAref. | 6679 | OAEP isn't supported when OpenSSL is built with RSAref. | |||
| 9582 | [Ulf Moeller <ulf@fitug.de>] | 6680 | [Ulf Moeller <ulf@fitug.de>] | |||
| 9583 | 6681 | |||||
| 9584 | *) Move definitions of IS_SET/IS_SEQUENCE inside crypto/asn1/asn1.h | 6682 | *) Move definitions of IS_SET/IS_SEQUENCE inside crypto/asn1/asn1.h | |||
| 9585 | so they no longer are missing under -DNOPROTO. | 6683 | so they no longer are missing under -DNOPROTO. | |||
| 9586 | [Soren S. Jorvang <soren@t.dk>] | 6684 | [Soren S. Jorvang <soren@t.dk>] | |||
| 9587 | 6685 | |||||
| 9588 | 6686 | |||||
| 9589 | Changes between 0.9.1c and 0.9.2b [22 Mar 1999] | 6687 | Changes between 0.9.1c and 0.9.2b [22 Mar 1999] | |||
| 9590 | 6688 | |||||
| 9591 | *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still | 6689 | *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still | |||
| 9592 | doesn't work when the session is reused. Coming soon! | 6690 | doesn't work when the session is reused. Coming soon! | |||
| 9593 | [Ben Laurie] | 6691 | [Ben Laurie] | |||
| 9594 | 6692 | |||||
| 9595 | *) Fix a security hole, that allows sessions to be reused in the wrong | 6693 | *) Fix a security hole, that allows sessions to be reused in the wrong | |||
| 9596 | context thus bypassing client cert protection! All software that uses | 6694 | context thus bypassing client cert protection! All software that uses | |||
| 9597 | client certs and session caches in multiple contexts NEEDS PATCHING to | 6695 | client certs and session caches in multiple contexts NEEDS PATCHING to | |||
| 9598 | allow session reuse! A fuller solution is in the works. | 6696 | allow session reuse! A fuller solution is in the works. | |||
| 9599 | [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)] | 6697 | [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)] | |||
| 9600 | 6698 | |||||
| 9601 | *) Some more source tree cleanups (removed obsolete files | 6699 | *) Some more source tree cleanups (removed obsolete files | |||
| 9602 | crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed | 6700 | crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed | |||
| 9603 | permission on "config" script to be executable) and a fix for the INSTALL | 6701 | permission on "config" script to be executable) and a fix for the INSTALL | |||
| 9604 | document. | 6702 | document. | |||
| 9605 | [Ulf Moeller <ulf@fitug.de>] | 6703 | [Ulf Moeller <ulf@fitug.de>] | |||
| 9606 | 6704 | |||||
| 9607 | *) Remove some legacy and erroneous uses of malloc, free instead of | 6705 | *) Remove some legacy and erroneous uses of malloc, free instead of | |||
| 9608 | Malloc, Free. | 6706 | Malloc, Free. | |||
| 9609 | [Lennart Bang <lob@netstream.se>, with minor changes by Steve] | 6707 | [Lennart Bang <lob@netstream.se>, with minor changes by Steve] | |||
| 9610 | 6708 | |||||
| 9611 | *) Make rsa_oaep_test return non-zero on error. | 6709 | *) Make rsa_oaep_test return non-zero on error. | |||
| 9612 | [Ulf Moeller <ulf@fitug.de>] | 6710 | [Ulf Moeller <ulf@fitug.de>] | |||
| 9613 | 6711 | |||||
| 9614 | *) Add support for native Solaris shared libraries. Configure | 6712 | *) Add support for native Solaris shared libraries. Configure | |||
| 9615 | solaris-sparc-sc4-pic, make, then run shlib/solaris-sc4.sh. It'd be nice | 6713 | solaris-sparc-sc4-pic, make, then run shlib/solaris-sc4.sh. It'd be nice | |||
| 9616 | if someone would make that last step automatic. | 6714 | if someone would make that last step automatic. | |||
| 9617 | [Matthias Loepfe <Matthias.Loepfe@AdNovum.CH>] | 6715 | [Matthias Loepfe <Matthias.Loepfe@AdNovum.CH>] | |||
| 9618 | 6716 | |||||
| 9619 | *) ctx_size was not built with the right compiler during "make links". Fixed. | 6717 | *) ctx_size was not built with the right compiler during "make links". Fixed. | |||
| 9620 | [Ben Laurie] | 6718 | [Ben Laurie] | |||
| 9621 | 6719 | |||||
| 9622 | *) Change the meaning of 'ALL' in the cipher list. It now means "everything | 6720 | *) Change the meaning of 'ALL' in the cipher list. It now means "everything | |||
| 9623 | except NULL ciphers". This means the default cipher list will no longer | 6721 | except NULL ciphers". This means the default cipher list will no longer | |||
| 9624 | enable NULL ciphers. They need to be specifically enabled e.g. with | 6722 | enable NULL ciphers. They need to be specifically enabled e.g. with | |||
| 9625 | the string "DEFAULT:eNULL". | 6723 | the string "DEFAULT:eNULL". | |||
| 9626 | [Steve Henson] | 6724 | [Steve Henson] | |||
| 9627 | 6725 | |||||
| 9628 | *) Fix to RSA private encryption routines: if p < q then it would | 6726 | *) Fix to RSA private encryption routines: if p < q then it would | |||
| 9629 | occasionally produce an invalid result. This will only happen with | 6727 | occasionally produce an invalid result. This will only happen with | |||
| 9630 | externally generated keys because OpenSSL (and SSLeay) ensure p > q. | 6728 | externally generated keys because OpenSSL (and SSLeay) ensure p > q. | |||
| 9631 | [Steve Henson] | 6729 | [Steve Henson] | |||
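The entry above only bites for keys generated elsewhere, so the practical check is the one a consumer of an imported key should run before trusting it. The following is an added example, not code from OpenSSL or from this CHANGES file: it validates the CRT components of an RSA private key, flags p < q (the ordering OpenSSL and SSLeay themselves avoid), normalizes the ordering by swapping the primes and recomputing iqmp, and cross-checks a CRT private-key operation against plain exponentiation. The toy key p = 53, q = 61, e = 17 is constructed for illustration and is far too small for real use.

```python
"""Consistency check for imported RSA private keys (added example).

Verifies the CRT components, flags p < q, normalizes the prime order, and
confirms that the CRT private operation agrees with the plain d-th power.
The toy key (p = 53, q = 61, e = 17) is constructed for illustration only.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class RsaKey:
    n: int
    e: int
    d: int
    p: int
    q: int
    dmp1: int  # d mod (p-1)
    dmq1: int  # d mod (q-1)
    iqmp: int  # q^-1 mod p


def make_key(p: int, q: int, e: int) -> RsaKey:
    """Derive every private component from (p, q, e), keeping the given order."""
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return RsaKey(p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))


def check_key(k: RsaKey) -> list:
    """Return the list of problems found; an empty list means self-consistent."""
    problems = []
    if k.p * k.q != k.n:
        problems.append("n != p*q")
    if (k.e * k.d) % ((k.p - 1) * (k.q - 1)) != 1:
        problems.append("e*d != 1 mod phi(n)")
    if k.dmp1 != k.d % (k.p - 1):
        problems.append("dmp1 != d mod (p-1)")
    if k.dmq1 != k.d % (k.q - 1):
        problems.append("dmq1 != d mod (q-1)")
    if (k.iqmp * k.q) % k.p != 1:
        problems.append("iqmp != q^-1 mod p")
    if k.p < k.q:
        problems.append("p < q (OpenSSL/SSLeay keys have p > q)")
    return problems


def normalize(k: RsaKey) -> RsaKey:
    """Swap p and q when p < q. dmp1/dmq1 swap with them; iqmp must be recomputed."""
    if k.p >= k.q:
        return k
    return replace(k, p=k.q, q=k.p, dmp1=k.dmq1, dmq1=k.dmp1, iqmp=pow(k.p, -1, k.q))


def rsa_private_crt(k: RsaKey, c: int) -> int:
    """Garner recombination: m = m2 + q * ((m1 - m2) * iqmp mod p).

    Python's % is never negative, so this is right for either ordering of p
    and q. In a bignum library that keeps signs, (m1 - m2) has to be brought
    into [0, p) before the multiply; with q > p, m2 can exceed p, so a single
    conditional "add p" is not enough, which is the shape of mistake that
    only shows up for keys with p < q.
    """
    m1 = pow(c % k.p, k.dmp1, k.p)
    m2 = pow(c % k.q, k.dmq1, k.q)
    h = ((m1 - m2) * k.iqmp) % k.p
    return m2 + h * k.q


def rsa_private_plain(k: RsaKey, c: int) -> int:
    """Reference: straight modular exponentiation with the full exponent d."""
    return pow(c, k.d, k.n)


def crt_matches_plain(k: RsaKey) -> bool:
    """Exhaustive cross-check over every residue; only feasible for a toy modulus."""
    return all(rsa_private_crt(k, c) == rsa_private_plain(k, c) for c in range(k.n))


if __name__ == "__main__":
    imported = make_key(53, 61, 17)  # constructed toy key with p < q
    print("problems:", check_key(imported))
    fixed = normalize(imported)
    print("after normalize:", check_key(fixed), "crt ok:", crt_matches_plain(fixed))
```

For a real key the exhaustive comparison is replaced by a handful of random ciphertexts; the component checks stay the same and are cheap enough to run on every key load.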
| 9632 | 6730 | |||||
| 9633 | *) Be less restrictive and allow also `perl util/perlpath.pl | 6731 | *) Be less restrictive and allow also `perl util/perlpath.pl | |||
| 9634 | /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin', | 6732 | /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin', | |||
| 9635 | because this way one can also use an interpreter named `perl5' (which is | 6733 | because this way one can also use an interpreter named `perl5' (which is | |||
| 9636 | usually the name of Perl 5.xxx on platforms where an Perl 4.x is still | 6734 | usually the name of Perl 5.xxx on platforms where an Perl 4.x is still | |||
| 9637 | installed as `perl'). | 6735 | installed as `perl'). | |||
| 9638 | [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>] | 6736 | [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>] | |||
| 9639 | 6737 | |||||
| 9640 | *) Let util/clean-depend.pl work also with older Perl 5.00x versions. | 6738 | *) Let util/clean-depend.pl work also with older Perl 5.00x versions. | |||
| 9641 | [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>] | 6739 | [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>] | |||
| 9642 | 6740 | |||||
| 9643 | *) Fix Makefile.org so CC,CFLAG etc are passed to 'make links' add | 6741 | *) Fix Makefile.org so CC,CFLAG etc are passed to 'make links' add | |||
| 9644 | advapi32.lib to Win32 build and change the pem test comparision | 6742 | advapi32.lib to Win32 build and change the pem test comparision | |||
| 9645 | to fc.exe (thanks to Ulrich Kroener <kroneru@yahoo.com> for the | 6743 | to fc.exe (thanks to Ulrich Kroener <kroneru@yahoo.com> for the | |||
| 9646 | suggestion). Fix misplaced ASNI prototypes and declarations in evp.h | 6744 | suggestion). Fix misplaced ASNI prototypes and declarations in evp.h | |||
| 9647 | and crypto/des/ede_cbcm_enc.c. | 6745 | and crypto/des/ede_cbcm_enc.c. | |||
| 9648 | [Steve Henson] | 6746 | [Steve Henson] | |||
| 9649 | 6747 | |||||
| 9650 | *) DES quad checksum was broken on big-endian architectures. Fixed. | 6748 | *) DES quad checksum was broken on big-endian architectures. Fixed. | |||
| 9651 | [Ben Laurie] | 6749 | [Ben Laurie] | |||
| 9652 | 6750 | |||||
| 9653 | *) Comment out two functions in bio.h that aren't implemented. Fix up the | 6751 | *) Comment out two functions in bio.h that aren't implemented. Fix up the | |||
| 9654 | Win32 test batch file so it (might) work again. The Win32 test batch file | 6752 | Win32 test batch file so it (might) work again. The Win32 test batch file | |||
| 9655 | is horrible: I feel ill.... | 6753 | is horrible: I feel ill.... | |||
| 9656 | [Steve Henson] | 6754 | [Steve Henson] | |||
| 9657 | 6755 | |||||
| 9658 | *) Move various #ifdefs around so NO_SYSLOG, NO_DIRENT etc are now selected | 6756 | *) Move various #ifdefs around so NO_SYSLOG, NO_DIRENT etc are now selected | |||
| 9659 | in e_os.h. Audit of header files to check ANSI and non ANSI | 6757 | in e_os.h. Audit of header files to check ANSI and non ANSI | |||
| 9660 | sections: 10 functions were absent from non ANSI section and not exported | 6758 | sections: 10 functions were absent from non ANSI section and not exported | |||
| 9661 | from Windows DLLs. Fixed up libeay.num for new functions. | 6759 | from Windows DLLs. Fixed up libeay.num for new functions. | |||
| 9662 | [Steve Henson] | 6760 | [Steve Henson] | |||
| 9663 | 6761 | |||||
| 9664 | *) Make `openssl version' output lines consistent. | 6762 | *) Make `openssl version' output lines consistent. | |||
| 9665 | [Ralf S. Engelschall] | 6763 | [Ralf S. Engelschall] | |||
| 9666 | 6764 | |||||
| 9667 | *) Fix Win32 symbol export lists for BIO functions: Added | 6765 | *) Fix Win32 symbol export lists for BIO functions: Added | |||
| 9668 | BIO_get_ex_new_index, BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data | 6766 | BIO_get_ex_new_index, BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data | |||
| 9669 | to ms/libeay{16,32}.def. | 6767 | to ms/libeay{16,32}.def. | |||
| 9670 | [Ralf S. Engelschall] | 6768 | [Ralf S. Engelschall] | |||
| 9671 | 6769 | |||||
| 9672 | *) Second round of fixing the OpenSSL perl/ stuff. It now at least compiled | 6770 | *) Second round of fixing the OpenSSL perl/ stuff. It now at least compiled | |||
| 9673 | fine under Unix and passes some trivial tests I've now added. But the | 6771 | fine under Unix and passes some trivial tests I've now added. But the | |||
| 9674 | whole stuff is horribly incomplete, so a README.1ST with a disclaimer was | 6772 | whole stuff is horribly incomplete, so a README.1ST with a disclaimer was | |||
| 9675 | added to make sure no one expects that this stuff really works in the | 6773 | added to make sure no one expects that this stuff really works in the | |||
| 9676 | OpenSSL 0.9.2 release. Additionally I've started to clean the XS sources | 6774 | OpenSSL 0.9.2 release. Additionally I've started to clean the XS sources | |||
| 9677 | up and fixed a few little bugs and inconsistencies in OpenSSL.{pm,xs} and | 6775 | up and fixed a few little bugs and inconsistencies in OpenSSL.{pm,xs} and | |||
| 9678 | openssl_bio.xs. | 6776 | openssl_bio.xs. | |||
| 9679 | [Ralf S. Engelschall] | 6777 | [Ralf S. Engelschall] | |||
| 9680 | 6778 | |||||
| 9681 | *) Fix the generation of two part addresses in perl. | 6779 | *) Fix the generation of two part addresses in perl. | |||
| 9682 | [Kenji Miyake <kenji@miyake.org>, integrated by Ben Laurie] | 6780 | [Kenji Miyake <kenji@miyake.org>, integrated by Ben Laurie] | |||
| 9683 | 6781 | |||||
| 9684 | *) Add config entry for Linux on MIPS. | 6782 | *) Add config entry for Linux on MIPS. | |||
| 9685 | [John Tobey <jtobey@channel1.com>] | 6783 | [John Tobey <jtobey@channel1.com>] | |||
| 9686 | 6784 | |||||
| 9687 | *) Make links whenever Configure is run, unless we are on Windoze. | 6785 | *) Make links whenever Configure is run, unless we are on Windoze. | |||
| 9688 | [Ben Laurie] | 6786 | [Ben Laurie] | |||
| 9689 | 6787 | |||||
| 9690 | *) Permit extensions to be added to CRLs using crl_section in openssl.cnf. | 6788 | *) Permit extensions to be added to CRLs using crl_section in openssl.cnf. | |||
| 9691 | Currently only issuerAltName and AuthorityKeyIdentifier make any sense | 6789 | Currently only issuerAltName and AuthorityKeyIdentifier make any sense | |||
| 9692 | in CRLs. | 6790 | in CRLs. | |||
| 9693 | [Steve Henson] | 6791 | [Steve Henson] | |||
| 9694 | 6792 | |||||
| 9695 | *) Add a useful kludge to allow package maintainers to specify compiler and | 6793 | *) Add a useful kludge to allow package maintainers to specify compiler and | |||
| 9696 | other platforms details on the command line without having to patch the | 6794 | other platforms details on the command line without having to patch the | |||
| 9697 | Configure script everytime: One now can use ``perl Configure | 6795 | Configure script everytime: One now can use ``perl Configure | |||
| 9698 | <id>:<details>'', i.e. platform ids are allowed to have details appended | 6796 | <id>:<details>'', i.e. platform ids are allowed to have details appended | |||
| 9699 | to them (seperated by colons). This is treated as there would be a static | 6797 | to them (seperated by colons). This is treated as there would be a static | |||
| 9700 | pre-configured entry in Configure's %table under key <id> with value | 6798 | pre-configured entry in Configure's %table under key <id> with value | |||
| 9701 | <details> and ``perl Configure <id>'' is called. So, when you want to | 6799 | <details> and ``perl Configure <id>'' is called. So, when you want to | |||
| 9702 | perform a quick test-compile under FreeBSD 3.1 with pgcc and without | 6800 | perform a quick test-compile under FreeBSD 3.1 with pgcc and without | |||
| 9703 | assembler stuff you can use ``perl Configure "FreeBSD-elf:pgcc:-O6:::"'' | 6801 | assembler stuff you can use ``perl Configure "FreeBSD-elf:pgcc:-O6:::"'' | |||
| 9704 | now, which overrides the FreeBSD-elf entry on-the-fly. | 6802 | now, which overrides the FreeBSD-elf entry on-the-fly. | |||
| 9705 | [Ralf S. Engelschall] | 6803 | [Ralf S. Engelschall] | |||
| 9706 | 6804 | |||||
| 9707 | *) Disable new TLS1 ciphersuites by default: they aren't official yet. | 6805 | *) Disable new TLS1 ciphersuites by default: they aren't official yet. | |||
| 9708 | [Ben Laurie] | 6806 | [Ben Laurie] | |||
| 9709 | 6807 | |||||
| 9710 | *) Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified | 6808 | *) Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified | |||
| 9711 | on the `perl Configure ...' command line. This way one can compile | 6809 | on the `perl Configure ...' command line. This way one can compile | |||
| 9712 | OpenSSL libraries with Position Independent Code (PIC) which is needed | 6810 | OpenSSL libraries with Position Independent Code (PIC) which is needed | |||
| 9713 | for linking it into DSOs. | 6811 | for linking it into DSOs. | |||
| 9714 | [Ralf S. Engelschall] | 6812 | [Ralf S. Engelschall] | |||
| 9715 | 6813 | |||||
| 9716 | *) Remarkably, export ciphers were totally broken and no-one had noticed! | 6814 | *) Remarkably, export ciphers were totally broken and no-one had noticed! | |||
| 9717 | Fixed. | 6815 | Fixed. | |||
| 9718 | [Ben Laurie] | 6816 | [Ben Laurie] | |||
| 9719 | 6817 | |||||
| 9720 | *) Cleaned up the LICENSE document: The official contact for any license | 6818 | *) Cleaned up the LICENSE document: The official contact for any license | |||
| 9721 | questions now is the OpenSSL core team under openssl-core@openssl.org. | 6819 | questions now is the OpenSSL core team under openssl-core@openssl.org. | |||
| 9722 | And add a paragraph about the dual-license situation to make sure people | 6820 | And add a paragraph about the dual-license situation to make sure people | |||
| 9723 | recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply | 6821 | recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply | |||
| 9724 | to the OpenSSL toolkit. | 6822 | to the OpenSSL toolkit. | |||
| 9725 | [Ralf S. Engelschall] | 6823 | [Ralf S. Engelschall] | |||
| 9726 | 6824 | |||||
| 9727 | *) General source tree makefile cleanups: Made `making xxx in yyy...' | 6825 | *) General source tree makefile cleanups: Made `making xxx in yyy...' | |||
| 9728 | display consistent in the source tree and replaced `/bin/rm' by `rm'. | 6826 | display consistent in the source tree and replaced `/bin/rm' by `rm'. | |||
| 9729 | Additonally cleaned up the `make links' target: Remove unnecessary | 6827 | Additonally cleaned up the `make links' target: Remove unnecessary | |||
| 9730 | semicolons, subsequent redundant removes, inline point.sh into mklink.sh | 6828 | semicolons, subsequent redundant removes, inline point.sh into mklink.sh | |||
| 9731 | to speed processing and no longer clutter the display with confusing | 6829 | to speed processing and no longer clutter the display with confusing | |||
| 9732 | stuff. Instead only the actually done links are displayed. | 6830 | stuff. Instead only the actually done links are displayed. | |||
| 9733 | [Ralf S. Engelschall] | 6831 | [Ralf S. Engelschall] | |||
| 9734 | 6832 | |||||
| 9735 | *) Permit null encryption ciphersuites, used for authentication only. It used | 6833 | *) Permit null encryption ciphersuites, used for authentication only. It used | |||
| 9736 | to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this. | 6834 | to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this. | |||
| 9737 | It is now necessary to set SSL_FORBID_ENULL to prevent the use of null | 6835 | It is now necessary to set SSL_FORBID_ENULL to prevent the use of null | |||
| 9738 | encryption. | 6836 | encryption. | |||
| 9739 | [Ben Laurie] | 6837 | [Ben Laurie] | |||
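Two entries in this release decide what a cipher string does with NULL-encryption suites: 'ALL' stops including them, so "DEFAULT" no longer enables them and "DEFAULT:eNULL" was the way to add them back, and the compile-time SSL_FORBID_ENULL became the only way to forbid them outright. What a given string selects has since moved on: ciphers(1) documents the compiled-in DEFAULT as normally ALL:!COMPLEMENTOFDEFAULT:!eNULL and a '!' removal as permanent within one string, so on such a build "DEFAULT:eNULL" cannot bring NULL suites back while "ALL:eNULL" can. The practitioner's check is therefore to ask the library rather than reason from the string. The following added example (not code from OpenSSL or from this CHANGES file) does that through Python's standard ssl module, which runs the string through whatever OpenSSL the interpreter is linked against; whether any eNULL suite exists at all depends on how that OpenSSL was built, so an empty result for an eNULL-bearing string means "not available here", not "this string is safe".

```python
"""Audit a cipher string for NULL-encryption (authentication-only) suites.

Added example, not part of OpenSSL. It uses the cipher-string parser of the
OpenSSL that Python's ssl module is linked against, so the answers describe
that library, not a string in the abstract.
"""
import ssl


def cipher_table(spec: str) -> list:
    """Suites a cipher string selects, one dict per suite as get_ciphers() reports
    them; [] when OpenSSL rejects the string because it selects nothing."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError:
        return []
    return ctx.get_ciphers()


def enabled_ciphers(spec: str) -> list:
    """Names of every suite the string enables, in OpenSSL's preference order."""
    return [c["name"] for c in cipher_table(spec)]


def null_encryption_ciphers(spec: str) -> list:
    """Suites in the string that encrypt nothing. OpenSSL names them with "NULL"
    (NULL-SHA256, ECDHE-RSA-NULL-SHA, ...) and reports zero strength bits, so
    either signal is enough to flag one."""
    return [c["name"] for c in cipher_table(spec)
            if "NULL" in c["name"].upper() or c.get("strength_bits") == 0]


def audit(spec: str) -> dict:
    """Summarize one string: how much it enables and whether any of it is NULL."""
    enabled = enabled_ciphers(spec)
    nulls = null_encryption_ciphers(spec)
    if not enabled:
        verdict = "selects no ciphers"
    elif nulls:
        verdict = "allows NULL encryption"
    else:
        verdict = "ok"
    return {"spec": spec, "enabled": len(enabled),
            "null_encryption": nulls, "verdict": verdict}


def enull_reenabled_by(base: str) -> bool:
    """True if appending ':eNULL' to `base` brings NULL suites back. It cannot
    when `base` already removed them with '!eNULL' (a '!' removal is permanent
    within a cipher string) or when the library has none compiled in."""
    return bool(null_encryption_ciphers(base + ":eNULL"))


if __name__ == "__main__":
    for spec in ("DEFAULT", "DEFAULT:eNULL", "ALL:eNULL", "eNULL", "HIGH:!eNULL"):
        print(audit(spec))
    print("DEFAULT:eNULL re-enables NULL here:", enull_reenabled_by("DEFAULT"))
    print("ALL:eNULL re-enables NULL here:", enull_reenabled_by("ALL"))
```

Run it against the OpenSSL a deployment actually links, not a developer workstation: the compiled-in default list, the presence of NULL suites and the security level are all build properties, and the audit is only meaningful for the build that will terminate the connections.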
| 9740 | 6838 | |||||
| 9741 | *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder | 6839 | *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder | |||
| 9742 | signed attributes when verifying signatures (this would break them), | 6840 | signed attributes when verifying signatures (this would break them), | |||
| 9743 | the detached data encoding was wrong and public keys obtained using | 6841 | the detached data encoding was wrong and public keys obtained using | |||
| 9744 | X509_get_pubkey() weren't freed. | 6842 | X509_get_pubkey() weren't freed. | |||
| 9745 | [Steve Henson] | 6843 | [Steve Henson] | |||
| 9746 | 6844 | |||||
| 9747 | *) Add text documentation for the BUFFER functions. Also added a work around | 6845 | *) Add text documentation for the BUFFER functions. Also added a work around | |||
| 9748 | to a Win95 console bug. This was triggered by the password read stuff: the | 6846 | to a Win95 console bug. This was triggered by the password read stuff: the | |||
| 9749 | last character typed gets carried over to the next fread(). If you were | 6847 | last character typed gets carried over to the next fread(). If you were | |||
| 9750 | generating a new cert request using 'req' for example then the last | 6848 | generating a new cert request using 'req' for example then the last | |||
| 9751 | character of the passphrase would be CR which would then enter the first | 6849 | character of the passphrase would be CR which would then enter the first | |||
| 9752 | field as blank. | 6850 | field as blank. | |||
| 9753 | [Steve Henson] | 6851 | [Steve Henson] | |||
| 9754 | 6852 | |||||
| 9755 | *) Added the new `Includes OpenSSL Cryptography Software' button as | 6853 | *) Added the new `Includes OpenSSL Cryptography Software' button as | |||
| 9756 | doc/openssl_button.{gif,html} which is similar in style to the old SSLeay | 6854 | doc/openssl_button.{gif,html} which is similar in style to the old SSLeay | |||
| 9757 | button and can be used by applications based on OpenSSL to show the | 6855 | button and can be used by applications based on OpenSSL to show the | |||
| 9758 | relationship to the OpenSSL project. | 6856 | relationship to the OpenSSL project. | |||
| 9759 | [Ralf S. Engelschall] | 6857 | [Ralf S. Engelschall] | |||
| 9760 | 6858 | |||||
| 9761 | *) Remove confusing variables in function signatures in files | 6859 | *) Remove confusing variables in function signatures in files | |||
| 9762 | ssl/ssl_lib.c and ssl/ssl.h. | 6860 | ssl/ssl_lib.c and ssl/ssl.h. | |||
| 9763 | [Lennart Bong <lob@kulthea.stacken.kth.se>] | 6861 | [Lennart Bong <lob@kulthea.stacken.kth.se>] | |||
| 9764 | 6862 | |||||
| 9765 | *) Don't install bss_file.c under PREFIX/include/ | 6863 | *) Don't install bss_file.c under PREFIX/include/ | |||
| 9766 | [Lennart Bong <lob@kulthea.stacken.kth.se>] | 6864 | [Lennart Bong <lob@kulthea.stacken.kth.se>] | |||
| 9767 | 6865 | |||||
| 9768 | *) Get the Win32 compile working again. Modify mkdef.pl so it can handle | 6866 | *) Get the Win32 compile working again. Modify mkdef.pl so it can handle | |||
| 9769 | functions that return function pointers and has support for NT specific | 6867 | functions that return function pointers and has support for NT specific | |||
| 9770 | stuff. Fix mk1mf.pl and VC-32.pl to support NT differences also. Various | 6868 | stuff. Fix mk1mf.pl and VC-32.pl to support NT differences also. Various | |||
| 9771 | #ifdef WIN32 and WINNTs sprinkled about the place and some changes from | 6869 | #ifdef WIN32 and WINNTs sprinkled about the place and some changes from | |||
| 9772 | unsigned to signed types: this was killing the Win32 compile. | 6870 | unsigned to signed types: this was killing the Win32 compile. | |||
| 9773 | [Steve Henson] | 6871 | [Steve Henson] | |||
| 9774 | 6872 | |||||
| 9775 | *) Add new certificate file to stack functions, | 6873 | *) Add new certificate file to stack functions, | |||
| 9776 | SSL_add_dir_cert_subjects_to_stack() and | 6874 | SSL_add_dir_cert_subjects_to_stack() and | |||
| 9777 | SSL_add_file_cert_subjects_to_stack(). These largely supplant | 6875 | SSL_add_file_cert_subjects_to_stack(). These largely supplant | |||
| 9778 | SSL_load_client_CA_file(), and can be used to add multiple certs easily | 6876 | SSL_load_client_CA_file(), and can be used to add multiple certs easily | |||
| 9779 | to a stack (usually this is then handed to SSL_CTX_set_client_CA_list()). | 6877 | to a stack (usually this is then handed to SSL_CTX_set_client_CA_list()). | |||
| 9780 | This means that Apache-SSL and similar packages don't have to mess around | 6878 | This means that Apache-SSL and similar packages don't have to mess around | |||
| 9781 | to add as many CAs as they want to the preferred list. | 6879 | to add as many CAs as they want to the preferred list. | |||
| 9782 | [Ben Laurie] | 6880 | [Ben Laurie] | |||
| 9783 | 6881 | |||||
| 9784 | *) Experiment with doxygen documentation. Currently only partially applied to | 6882 | *) Experiment with doxygen documentation. Currently only partially applied to | |||
| 9785 | ssl/ssl_lib.c. | 6883 | ssl/ssl_lib.c. | |||
| 9786 | See http://www.stack.nl/~dimitri/doxygen/index.html, and run doxygen with | 6884 | See http://www.stack.nl/~dimitri/doxygen/index.html, and run doxygen with | |||
| 9787 | openssl.doxy as the configuration file. | 6885 | openssl.doxy as the configuration file. | |||
| 9788 | [Ben Laurie] | 6886 | [Ben Laurie] | |||
| 9789 | 6887 | |||||
| 9790 | *) Get rid of remaining C++-style comments which strict C compilers hate. | 6888 | *) Get rid of remaining C++-style comments which strict C compilers hate. | |||
| 9791 | [Ralf S. Engelschall, pointed out by Carlos Amengual] | 6889 | [Ralf S. Engelschall, pointed out by Carlos Amengual] | |||
| 9792 | 6890 | |||||
| 9793 | *) Changed BN_RECURSION in bn_mont.c to BN_RECURSION_MONT so it is not | 6891 | *) Changed BN_RECURSION in bn_mont.c to BN_RECURSION_MONT so it is not | |||
| 9794 | compiled in by default: it has problems with large keys. | 6892 | compiled in by default: it has problems with large keys. | |||
| 9795 | [Steve Henson] | 6893 | [Steve Henson] | |||
| 9796 | 6894 | |||||
| 9797 | *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and | 6895 | *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and | |||
| 9798 | DH private keys and/or callback functions which directly correspond to | 6896 | DH private keys and/or callback functions which directly correspond to | |||
| 9799 | their SSL_CTX_xxx() counterparts but work on a per-connection basis. This | 6897 | their SSL_CTX_xxx() counterparts but work on a per-connection basis. This | |||
| 9800 | is needed for applications which have to configure certificates on a | 6898 | is needed for applications which have to configure certificates on a | |||
| 9801 | per-connection basis (e.g. Apache+mod_ssl) instead of a per-context basis | 6899 | per-connection basis (e.g. Apache+mod_ssl) instead of a per-context basis | |||
| 9802 | (e.g. s_server). |
 6900 | (e.g. s_server). | |||
| 9803 | For the RSA certificate situation is makes no difference, but | 6901 | For the RSA certificate situation is makes no difference, but | |||
| 9804 | for the DSA certificate situation this fixes the "no shared cipher" | 6902 | for the DSA certificate situation this fixes the "no shared cipher" | |||
| 9805 | problem where the OpenSSL cipher selection procedure failed because the | 6903 | problem where the OpenSSL cipher selection procedure failed because the | |||
| 9806 | temporary keys were not overtaken from the context and the API provided | 6904 | temporary keys were not overtaken from the context and the API provided | |||
| 9807 | no way to reconfigure them. | 6905 | no way to reconfigure them. | |||
| 9808 | The new functions now let applications reconfigure the stuff and they | 6906 | The new functions now let applications reconfigure the stuff and they | |||
| 9809 | are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh, | 6907 | are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh, | |||
| 9810 | SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback. Additionally a new | 6908 | SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback. Additionally a new | |||
| 9811 | non-public-API function ssl_cert_instantiate() is used as a helper | 6909 | non-public-API function ssl_cert_instantiate() is used as a helper | |||
| 9812 | function and also to reduce code redundancy inside ssl_rsa.c. | 6910 | function and also to reduce code redundancy inside ssl_rsa.c. | |||
| 9813 | [Ralf S. Engelschall] | 6911 | [Ralf S. Engelschall] | |||
| 9814 | 6912 | |||||
| 9815 | *) Move s_server -dcert and -dkey options out of the undocumented feature | 6913 | *) Move s_server -dcert and -dkey options out of the undocumented feature | |||
| 9816 | area because they are useful for the DSA situation and should be | 6914 | area because they are useful for the DSA situation and should be | |||
| 9817 | recognized by the users. | 6915 | recognized by the users. | |||
| 9818 | [Ralf S. Engelschall] | 6916 | [Ralf S. Engelschall] | |||
| 9819 | 6917 | |||||
| 9820 | *) Fix the cipher decision scheme for export ciphers: the export bits are | 6918 | *) Fix the cipher decision scheme for export ciphers: the export bits are | |||
| 9821 | *not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within | 6919 | *not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within | |||
| 9822 | SSL_EXP_MASK. So, the original variable has to be used instead of the | 6920 | SSL_EXP_MASK. So, the original variable has to be used instead of the | |||
| 9823 | already masked variable. | 6921 | already masked variable. | |||
| 9824 | [Richard Levitte <levitte@stacken.kth.se>] | 6922 | [Richard Levitte <levitte@stacken.kth.se>] | |||
| 9825 | 6923 | |||||
| 9826 | *) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c | 6924 | *) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c | |||
| 9827 | [Richard Levitte <levitte@stacken.kth.se>] | 6925 | [Richard Levitte <levitte@stacken.kth.se>] | |||
| 9828 | 6926 | |||||
| 9829 | *) Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal() | 6927 | *) Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal() | |||
| 9830 | from `int' to `unsigned int' because it's a length and initialized by | 6928 | from `int' to `unsigned int' because it's a length and initialized by | |||
| 9831 | EVP_DigestFinal() which expects an `unsigned int *'. | 6929 | EVP_DigestFinal() which expects an `unsigned int *'. | |||
| 9832 | [Richard Levitte <levitte@stacken.kth.se>] | 6930 | [Richard Levitte <levitte@stacken.kth.se>] | |||
| 9833 | 6931 | |||||
| 9834 | *) Don't hard-code path to Perl interpreter on shebang line of Configure | 6932 | *) Don't hard-code path to Perl interpreter on shebang line of Configure | |||
| 9835 | script. Instead use the usual Shell->Perl transition trick. | 6933 | script. Instead use the usual Shell->Perl transition trick. | |||
| 9836 | [Ralf S. Engelschall] | 6934 | [Ralf S. Engelschall] | |||
| 9837 | 6935 | |||||
| 9838 | *) Make `openssl x509 -noout -modulus' functional also for DSA certificates | 6936 | *) Make `openssl x509 -noout -modulus' functional also for DSA certificates | |||
| 9839 | (in addition to RSA certificates) to match the behaviour of `openssl dsa | 6937 | (in addition to RSA certificates) to match the behaviour of `openssl dsa | |||
| 9840 | -noout -modulus' as it's already the case for `openssl rsa -noout | 6938 | -noout -modulus' as it's already the case for `openssl rsa -noout | |||
| 9841 | -modulus'. For RSA the -modulus is the real "modulus" while for DSA | 6939 | -modulus'. For RSA the -modulus is the real "modulus" while for DSA | |||
| 9842 | currently the public key is printed (a decision which was already done by | 6940 | currently the public key is printed (a decision which was already done by | |||
| 9843 | `openssl dsa -modulus' in the past) which serves a similar purpose. | 6941 | `openssl dsa -modulus' in the past) which serves a similar purpose. | |||
| 9844 | Additionally the NO_RSA no longer completely removes the whole -modulus | 6942 | Additionally the NO_RSA no longer completely removes the whole -modulus | |||
| 9845 | option; it now only avoids using the RSA stuff. Same applies to NO_DSA | 6943 | option; it now only avoids using the RSA stuff. Same applies to NO_DSA | |||
| 9846 | now, too. | 6944 | now, too. | |||
| 9847 | [Ralf S. Engelschall] | 6945 | [Ralf S. Engelschall] | |||
| 9848 | 6946 | |||||
| 9849 | *) Add Arne Ansper's reliable BIO - this is an encrypted, block-digested | 6947 | *) Add Arne Ansper's reliable BIO - this is an encrypted, block-digested | |||
| 9850 | BIO. See the source (crypto/evp/bio_ok.c) for more info. | 6948 | BIO. See the source (crypto/evp/bio_ok.c) for more info. | |||
| 9851 | [Arne Ansper <arne@ats.cyber.ee>] | 6949 | [Arne Ansper <arne@ats.cyber.ee>] | |||
| 9852 | 6950 | |||||
| 9853 | *) Dump the old yucky req code that tried (and failed) to allow raw OIDs | 6951 | *) Dump the old yucky req code that tried (and failed) to allow raw OIDs | |||
| 9854 | to be added. Now both 'req' and 'ca' can use new objects defined in the | 6952 | to be added. Now both 'req' and 'ca' can use new objects defined in the | |||
| 9855 | config file. | 6953 | config file. | |||
| 9856 | [Steve Henson] | 6954 | [Steve Henson] | |||
| 9857 | 6955 | |||||
| 9858 | *) Add cool BIO that does syslog (or event log on NT). | 6956 | *) Add cool BIO that does syslog (or event log on NT). | |||
| 9859 | [Arne Ansper <arne@ats.cyber.ee>, integrated by Ben Laurie] | 6957 | [Arne Ansper <arne@ats.cyber.ee>, integrated by Ben Laurie] | |||
| 9860 | 6958 | |||||
| 9861 | *) Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5, | 6959 | *) Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5, | |||
| 9862 | TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 and | 6960 | TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 and | |||
| 9863 | TLS_RSA_EXPORT56_WITH_DES_CBC_SHA, as specified in "56-bit Export Cipher | 6961 | TLS_RSA_EXPORT56_WITH_DES_CBC_SHA, as specified in "56-bit Export Cipher | |||
| 9864 | Suites For TLS", draft-ietf-tls-56-bit-ciphersuites-00.txt. | 6962 | Suites For TLS", draft-ietf-tls-56-bit-ciphersuites-00.txt. | |||
| 9865 | [Ben Laurie] | 6963 | [Ben Laurie] | |||
| 9866 | 6964 | |||||
| 9867 | *) Add preliminary config info for new extension code. | 6965 | *) Add preliminary config info for new extension code. | |||
| 9868 | [Steve Henson] | 6966 | [Steve Henson] | |||
| 9869 | 6967 | |||||
| 9870 | *) Make RSA_NO_PADDING really use no padding. | 6968 | *) Make RSA_NO_PADDING really use no padding. | |||
| 9871 | [Ulf Moeller <ulf@fitug.de>] | 6969 | [Ulf Moeller <ulf@fitug.de>] | |||
| 9872 | 6970 | |||||
| 9873 | *) Generate errors when private/public key check is done. | 6971 | *) Generate errors when private/public key check is done. | |||
| 9874 | [Ben Laurie] | 6972 | [Ben Laurie] | |||
| 9875 | 6973 | |||||
| 9876 | *) Overhaul for 'crl' utility. New function X509_CRL_print. Partial support | 6974 | *) Overhaul for 'crl' utility. New function X509_CRL_print. Partial support | |||
| 9877 | for some CRL extensions and new objects added. | 6975 | for some CRL extensions and new objects added. | |||
| 9878 | [Steve Henson] | 6976 | [Steve Henson] | |||
| 9879 | 6977 | |||||
| 9880 | *) Really fix the ASN1 IMPLICIT bug this time... Partial support for private | 6978 | *) Really fix the ASN1 IMPLICIT bug this time... Partial support for private | |||
| 9881 | key usage extension and fuller support for authority key id. | 6979 | key usage extension and fuller support for authority key id. | |||
| 9882 | [Steve Henson] | 6980 | [Steve Henson] | |||
| 9883 | 6981 | |||||
| 9884 | *) Add OAEP encryption for the OpenSSL crypto library. OAEP is the improved | 6982 | *) Add OAEP encryption for the OpenSSL crypto library. OAEP is the improved | |||
| 9885 | padding method for RSA, which is recommended for new applications in PKCS | 6983 | padding method for RSA, which is recommended for new applications in PKCS | |||
| 9886 | #1 v2.0 (RFC 2437, October 1998). | 6984 | #1 v2.0 (RFC 2437, October 1998). | |||
| 9887 | OAEP (Optimal Asymmetric Encryption Padding) has better theoretical | 6985 | OAEP (Optimal Asymmetric Encryption Padding) has better theoretical | |||
| 9888 | foundations than the ad-hoc padding used in PKCS #1 v1.5. It is secure | 6986 | foundations than the ad-hoc padding used in PKCS #1 v1.5. It is secure | |||
| 9889 | against Bleichbacher's attack on RSA. | 6987 | against Bleichbacher's attack on RSA. | |||
| 9890 | [Ulf Moeller <u lf@fitug.d e>, reform atted, cor rected and integrate d by | 6988 | [Ulf Moeller <u lf@fitug.d e>, reform atted, cor rected and integrate d by | |||
| 9891 | Ben Laurie] | 6989 | Ben Laurie] | |||
| 9892 | 6990 | |||||
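The padding layer the OAEP entry above contrasts with PKCS #1 v1.5, as an added example that is not OpenSSL code and not the work of the entry's authors. It implements EME-PKCS1-v1_5 and EME-OAEP (RFC 2437 defaults: SHA-1 and MGF1-SHA1; the byte layout follows the later PKCS #1 v2.1 text, which makes the leading 0x00 explicit) with the Python standard library only, and shows the structural difference that matters for Bleichenbacher's attack: a v1.5 decoder only ever checks the leading bytes, so a tampered block still "decrypts", whereas OAEP's masking spreads any change across the whole block and the lHash check fails. The RSA modular exponentiation around the padding is assumed and omitted; the message and modulus size are constructed inputs.

```python
# Added example, not code from OpenSSL or the CHANGES authors: EME-PKCS1-v1_5
# and EME-OAEP padding (PKCS #1 v2.0 / RFC 2437; layout as in PKCS #1 v2.1).
# Only the padding layer is shown; the RSA operation is assumed to wrap it.
import hashlib
import hmac
import os

HASH = hashlib.sha1            # RFC 2437 defaults: SHA-1 and MGF1 with SHA-1
H_LEN = HASH().digest_size     # 20


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def mgf1(seed, length):
    """MGF1 mask generation function (RFC 2437 section 10.2.1)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += HASH(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def oaep_encode(msg, k, label=b"", seed=None):
    """EME-OAEP: 0x00 || maskedSeed || maskedDB, k = modulus length in bytes."""
    if len(msg) > k - 2 * H_LEN - 2:
        raise ValueError("message too long")
    db = HASH(label).digest() + b"\x00" * (k - len(msg) - 2 * H_LEN - 2) + b"\x01" + msg
    seed = os.urandom(H_LEN) if seed is None else seed
    masked_db = xor(db, mgf1(seed, k - H_LEN - 1))
    masked_seed = xor(seed, mgf1(masked_db, H_LEN))
    return b"\x00" + masked_seed + masked_db


def oaep_decode(em, k, label=b""):
    """EME-OAEP decoding. All checks are folded into one flag and one error so
    the caller learns nothing about which check failed (the find() below is
    not constant-time; a production implementation must make it so)."""
    if len(em) != k or k < 2 * H_LEN + 2:
        raise ValueError("decryption error")
    masked_seed, masked_db = em[1:1 + H_LEN], em[1 + H_LEN:]
    seed = xor(masked_seed, mgf1(masked_db, H_LEN))
    db = xor(masked_db, mgf1(seed, k - H_LEN - 1))
    rest = db[H_LEN:]
    sep = rest.find(b"\x01")
    bad = em[0] != 0
    bad |= not hmac.compare_digest(db[:H_LEN], HASH(label).digest())
    bad |= sep < 0
    bad |= any(rest[:max(sep, 0)])       # padding string must be all zero
    if bad:
        raise ValueError("decryption error")
    return rest[sep + 1:]


def pkcs1_v15_encode(msg, k):
    """EME-PKCS1-v1_5: 0x00 0x02 || >=8 non-zero random bytes || 0x00 || msg."""
    if len(msg) > k - 11:
        raise ValueError("message too long")
    ps = b""
    while len(ps) < k - len(msg) - 3:
        b = os.urandom(1)
        if b != b"\x00":
            ps += b
    return b"\x00\x02" + ps + b"\x00" + msg


def pkcs1_v15_decode(em, k):
    """EME-PKCS1-v1_5 decoding: only the 0x00 0x02 prefix and the separator are
    checked; the message bytes themselves are accepted unconditionally."""
    if len(em) != k or em[:2] != b"\x00\x02":
        raise ValueError("decryption error")
    sep = em.find(b"\x00", 2)
    if sep < 10:                        # padding string shorter than 8 bytes
        raise ValueError("decryption error")
    return em[sep + 1:]


def survives_tampering(encode, decode, msg, k):
    """Flip the last byte of an encoded block and report whether decoding still
    succeeds. With v1.5 it does (the check never looks at the message bytes,
    which is the kind of partial check Bleichenbacher's oracle is built on);
    with OAEP the masking spreads the change over the block and lHash fails."""
    em = bytearray(encode(msg, k))
    em[-1] ^= 0x01
    try:
        decode(bytes(em), k)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    K = 128                                   # a 1024-bit modulus, constructed
    M = b"attack at dawn"
    print(oaep_decode(oaep_encode(M, K), K) == M)
    print(survives_tampering(pkcs1_v15_encode, pkcs1_v15_decode, M, K))  # True
    print(survives_tampering(oaep_encode, oaep_decode, M, K))            # False
```

The v1.5 decoder above is written the naive way on purpose: its early returns are exactly the distinguishable failures an attacker turns into an oracle. OAEP does not remove the need for careful decoding, but it makes a random or attacker-chosen block pass the check with negligible probability instead of roughly one in 2^16.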
  *) Updates to the new SSL compression code
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

  *) Fix so that the version number in the master secret, when passed
     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
     (because the server will not accept higher), that the version number
     is 0x03,0x01, not 0x03,0x00
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

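The check the version-number entry above refers to, played out as a small handshake simulation; this is an added example, not OpenSSL code and not the entry's authors' work. The client stamps the first two bytes of the 48-byte RSA premaster secret with the highest version it offered in its ClientHello, and the server compares that against the ClientHello version it actually received. The simulation shows why the entry's rule (0x03,0x01 even after rolling back to SSLv3) matters: stamping the negotiated version instead both breaks legitimate rollback to an SSLv3-only server and lets a man-in-the-middle downgrade go undetected. All messages are constructed; the RSA encryption of the premaster is omitted for readability.

```python
# Added example, not code from OpenSSL or the CHANGES authors: the premaster
# secret version check, between a client, a server and an optional attacker.
import os

SSL3 = (3, 0)   # 0x03,0x00
TLS1 = (3, 1)   # 0x03,0x01


def client_premaster(client_max, negotiated, stamp_negotiated=False):
    """48-byte premaster: 2 version bytes then 46 random bytes. Correct
    behaviour stamps the highest version the client offered (client_max), even
    when the handshake rolled back to SSLv3. stamp_negotiated=True is the
    mistake the entry corrects: stamping the version actually agreed on."""
    major, minor = negotiated if stamp_negotiated else client_max
    return bytes([major, minor]) + os.urandom(46)


def server_check_premaster(premaster, client_hello_version):
    """The server compares the version inside the decrypted premaster with the
    version it saw in the ClientHello. A mismatch means either a broken client
    or a man-in-the-middle that rewrote the ClientHello (version rollback)."""
    if len(premaster) != 48:
        return False, "bad premaster length"
    if tuple(premaster[:2]) != client_hello_version:
        return False, "version mismatch (possible rollback attack)"
    return True, "ok"


def handshake(client_max, server_max, mitm_rewrite=None, stamp_negotiated=False):
    """client_max: highest version the client offers; server_max: highest the
    server supports; mitm_rewrite: version an attacker writes into the
    ClientHello before the server sees it (None = no attacker). Returns what
    was negotiated and whether the server accepted the premaster."""
    hello_seen_by_server = mitm_rewrite if mitm_rewrite is not None else client_max
    negotiated = min(hello_seen_by_server, server_max)   # ServerHello.version
    premaster = client_premaster(client_max, negotiated, stamp_negotiated)
    accepted, reason = server_check_premaster(premaster, hello_seen_by_server)
    return {"negotiated": negotiated, "accepted": accepted, "reason": reason}


if __name__ == "__main__":
    print(handshake(TLS1, SSL3))                                 # legit rollback, accepted
    print(handshake(TLS1, TLS1, mitm_rewrite=SSL3))              # downgrade, rejected
    print(handshake(TLS1, TLS1, mitm_rewrite=SSL3, stamp_negotiated=True))  # missed
```

A practitioner's caveat: the check above returns a distinct "version mismatch" reason, which is fine for a simulation but not for a real server, since a distinguishable failure after RSA decryption is itself a padding-oracle signal; later implementations substitute a random premaster on mismatch and let the handshake fail at the Finished message instead.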
  *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
     leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
     in apps/ and an unrelated leak in crypto/dsa/dsa_vrf.c
     [Steve Henson]

  *) Support for RAW extensions where an arbitrary extension can be
     created by including its DER encoding. See apps/openssl.cnf for
     an example.
     [Steve Henson]

  *) Make sure latest Perl versions don't interpret some generated C array
     code as Perl array code in the crypto/err/err_genc.pl script.
     [Lars Weber <3weber@informatik.uni-hamburg.de>]

  *) Modify ms/do_ms.bat to not generate assembly language makefiles since
     not many people have the assembler. Various Win32 compilation fixes and
     update to the INSTALL.W32 file with (hopefully) more accurate Win32
     build instructions.
     [Steve Henson]

  *) Modify configure script 'Configure' to automatically create crypto/date.h
     file under Win32 and also build pem.h from pem.org. New script
     util/mkfiles.pl to create the MINFO file on environments that can't do a
     'make files': perl util/mkfiles.pl >MINFO should work.
     [Steve Henson]

  *) Major rework of DES function declarations, in the pursuit of correctness
     and purity. As a result, many evil casts evaporated, and some weirdness,
     too. You may find this causes warnings in your code. Zapping your evil
     casts will probably fix them. Mostly.
     [Ben Laurie]

  *) Fix for a typo in asn1.h. Bug fix to object creation script
     obj_dat.pl. It considered a zero in an object definition to mean
     "end of object": none of the objects in objects.h have any zeros
     so it wasn't spotted.
     [Steve Henson, reported by Erwann ABALEA <eabalea@certplus.com>]

  *) Add support for Triple DES Cipher Block Chaining with Output Feedback
     Masking (CBCM). In the absence of test vectors, the best I have been able
     to do is check that the decrypt undoes the encrypt, so far. Send me test
     vectors if you have them.
     [Ben Laurie]

  *) Correct calculation of key length for export ciphers (too much space was
     allocated for null ciphers). This has not been tested!
     [Ben Laurie]

  *) Modifications to the mkdef.pl for Win32 DEF file creation. The usage
     message is now correct (it understands "crypto" and "ssl" on its
     command line). There is also now an "update" option. This will update
     the util/ssleay.num and util/libeay.num files with any new functions.
     If you do a:
     perl util/mkdef.pl crypto ssl update
     it will update them.
     [Steve Henson]

  *) Overhauled the Perl interface (perl/*):
     - ported BN stuff to OpenSSL's different BN library
     - made the perl/ source tree CVS-aware
     - renamed the package from SSLeay to OpenSSL (the files still contain
       their history because I've copied them in the repository)
     - removed obsolete files (the test scripts will be replaced
       by better Test::Harness variants in the future)
     [Ralf S. Engelschall]

  *) First cut for a very conservative source tree cleanup:
     1. merge various obsolete readme texts into doc/ssleay.txt
     where we collect the old documents and readme texts.
     2. remove the first part of files where I'm already sure that we no
     longer need them because of three reasons: either they are just temporary
     files which were left by Eric or they are preserved original files where
     I've verified that the diff is also available in the CVS via "cvs diff
     -rSSLeay_0_8_1b" or they were renamed (as it was definitely the case for
     the crypto/md/ stuff).
     [Ralf S. Engelschall]

  *) More extension code. Incomplete support for subject and issuer alt
     name, issuer and authority key id. Change the i2v function parameters
     and add an extra 'crl' parameter in the X509V3_CTX structure: guess
     what that's for :-) Fix to ASN1 macro which messed up
     IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
     [Steve Henson]

  *) Preliminary support for ENUMERATED type. This is largely copied from the
     INTEGER code.
     [Steve Henson]

  *) Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

  *) Make sure `make rehash' target really finds the `openssl' program.
     [Ralf S. Engelschall, Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]

  *) Squeeze another 7% of speed out of MD5 assembler, at least on a P2. I'd
     like to hear about it if this slows down other processors.
     [Ben Laurie]

  *) Add CygWin32 platform information to Configure script.
     [Alan Batie <batie@aahz.jf.intel.com>]

  *) Fixed ms/32all.bat script: `no_asm' -> `no-asm'
     [Rainer W. Gerling <gerling@mpg-gv.mpg.de>]

  *) New program nseq to manipulate netscape certificate sequences
     [Steve Henson]

  *) Modify crl2pkcs7 so it supports multiple -certfile arguments. Fix a
     few typos.
     [Steve Henson]

  *) Fixes to BN code. Previously the default was to define BN_RECURSION
     but the BN code had some problems that would cause failures when
     doing certificate verification and some other functions.
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

  *) Add ASN1 and PEM code to support netscape certificate sequences.
     [Steve Henson]

  *) Add ASN1 and PEM code to support netscape certificate sequences.
     [Steve Henson]

  *) Add several PKIX and private extended key usage OIDs.
     [Steve Henson]

  *) Modify the 'ca' program to handle the new extension code. Modify
     openssl.cnf for new extension format, add comments.
     [Steve Henson]

  *) More X509 V3 changes. Fix typo in v3_bitstr.c. Add support to 'req'
     and add a sample to openssl.cnf so req -x509 now adds appropriate
     CA extensions.
     [Steve Henson]

  *) Continued X509 V3 changes. Add to other makefiles, integrate with the
     error code, add initial support to X509_print() and x509 application.
     [Steve Henson]

  *) Take a deep breath and start adding X509 V3 extension support code. Add
     files in crypto/x509v3. Move original stuff to crypto/x509v3/old. All this
     stuff is currently isolated and isn't even compiled yet.
     [Steve Henson]

  *) Continuing patches for GeneralizedTime. Fix up certificate and CRL
     ASN1 to use ASN1_TIME and modify print routines to use ASN1_TIME_print.
     Removed the versions check from X509 routines when loading extensions:
     this allows certain broken certificates that don't set the version
     properly to be processed.
     [Steve Henson]

  *) Deal with irritating shit to do with dependencies, in YAAHW (Yet Another
     Ad Hoc Way) - Makefile.ssls now all contain local dependencies, which
     can still be regenerated with "make depend".
     [Ben Laurie]

  *) Spelling mistake in C version of CAST-128.
     [Ben Laurie, reported by Jeremy Hylton <jeremy@cnri.reston.va.us>]

  *) Changes to the error generation code. The perl script err-code.pl
     now reads in the old error codes and retains the old numbers, only
     adding new ones if necessary. It also only changes the .err files if new
     codes are added. The makefiles have been modified to only insert errors
     when needed (to avoid needlessly modifying header files). This is done
     by only inserting errors if the .err file is newer than the auto generated
     C file. To rebuild all the error codes from scratch (the old behaviour)
     either modify crypto/Makefile.ssl to pass the -regen flag to err_code.pl
     or delete all the .err files.
     [Steve Henson]

  *) CAST-128 was incorrectly implemented for short keys. The C version has
     been fixed, but is untested. The assembler versions are also fixed, but
     new assembler HAS NOT BEEN GENERATED FOR WIN32 - the Makefile needs fixing
     to regenerate it if needed.
     [Ben Laurie, reported (with fix for C version) by Jun-ichiro itojun
      Hagino <itojun@kame.net>]

  *) File was opened incorrectly in randfile.c.
     [Ulf Möller <ulf@fitug.de>]

  *) Beginning of support for GeneralizedTime. d2i, i2d, check and print
     functions. Also ASN1_TIME suite which is a CHOICE of UTCTime or
     GeneralizedTime. ASN1_TIME is the proper type used in certificates et
     al: it's just almost always a UTCTime. Note this patch adds new error
     codes so do a "make errors" if there are problems.
     [Steve Henson]

  *) Correct Linux 1 recognition in config.
     [Ulf Möller <ulf@fitug.de>]

  *) Remove pointless MD5 hash when using DSA keys in ca.
     [Anonymous <nobody@replay.com>]

  *) Generate an error if given an empty string as a cert directory. Also
     generate an error if handed NULL (previously returned 0 to indicate an
     error, but didn't set one).
     [Ben Laurie, reported by Anonymous <nobody@replay.com>]

  *) Add prototypes to SSL methods. Make SSL_write's buffer const, at last.
     [Ben Laurie]

  *) Fix the dummy function BN_ref_mod_exp() in rsaref.c to have the correct
     parameters. This was causing a warning which killed off the Win32 compile.
     [Steve Henson]

  *) Remove C++ style comments from crypto/bn/bn_local.h.
     [Neil Costigan <neil.costigan@celocom.com>]

  *) The function OBJ_txt2nid was broken. It was supposed to return a nid
     based on a text string, looking up short and long names and finally
     "dot" format. The "dot" format stuff didn't work. Added new function
     OBJ_txt2obj to do the same but return an ASN1_OBJECT and rewrote
     OBJ_txt2nid to use it. OBJ_txt2obj can also return objects even if the
     OID is not part of the table.
     [Steve Henson]

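The lookup order the OBJ_txt2nid entry above describes (short name, then long name, then "dot" format, the last working even for OIDs that are not in the table), together with the RAW extension mechanism from the earlier entry (an arbitrary extension built from its DER encoding), as one added example that is neither OpenSSL code nor the entries' authors' work. The object table is a tiny hand-picked subset standing in for objects.h, the nid numbering is this example's own (1-based table position, 0 for NID_undef as in OpenSSL), and the extension values are constructed DER bytes. The DER OID and Extension encoders are written out in full so the output can be checked byte by byte.

```python
# Added example, not code from OpenSSL or the CHANGES authors: text-to-OID
# resolution in the OBJ_txt2obj/OBJ_txt2nid order, DER OID encoding, and a
# RAW X.509 extension wrapping caller-supplied DER verbatim.

# (short name, long name, dotted OID): a constructed subset, not objects.h
OBJECTS = [
    ("CN", "commonName", "2.5.4.3"),
    ("subjectAltName", "X509v3 Subject Alternative Name", "2.5.29.17"),
    ("basicConstraints", "X509v3 Basic Constraints", "2.5.29.19"),
    ("extendedKeyUsage", "X509v3 Extended Key Usage", "2.5.29.37"),
    ("serverAuth", "TLS Web Server Authentication", "1.3.6.1.5.5.7.3.1"),
]
NID_UNDEF = 0   # as in OpenSSL; table entries get 1-based "nids" here


def is_dotted(text):
    parts = text.split(".")
    return len(parts) >= 2 and all(p.isdigit() for p in parts)


def txt2dotted(text):
    """OBJ_txt2obj analogue returning the dotted OID string: try short name,
    then long name, then accept dotted form whether or not it is in the table.
    None means the text names nothing."""
    for sn, ln, oid in OBJECTS:
        if text == sn or text == ln:
            return oid
    return text if is_dotted(text) else None


def txt2nid(text):
    """OBJ_txt2nid analogue: table position of the resolved OID, or NID_UNDEF
    when the text resolves to nothing or to an OID the table does not know."""
    oid = txt2dotted(text)
    for i, (_, _, known) in enumerate(OBJECTS):
        if known == oid:
            return i + 1
    return NID_UNDEF


def der_len(n):
    """DER length: short form below 128, else 0x80|N followed by N bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag, content):
    return bytes([tag]) + der_len(len(content)) + content


def base128(n):
    """OID subidentifier: 7 bits per byte, high bit set on all but the last."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(out))


def encode_oid(dotted):
    """DER OBJECT IDENTIFIER (tag 0x06); the first two arcs merge as 40*a0+a1."""
    arcs = [int(p) for p in dotted.split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid OID " + dotted)
    body = base128(arcs[0] * 40 + arcs[1]) + b"".join(base128(a) for a in arcs[2:])
    return der_tlv(0x06, body)


def raw_extension(oid_text, extn_value_der, critical=False):
    """Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER,
                                critical BOOLEAN DEFAULT FALSE,
                                extnValue OCTET STRING }
    extn_value_der is wrapped exactly as given; that is what makes the
    extension 'raw': nothing here validates the value, so a malformed
    encoding is emitted unchanged and only a relying party's parser objects."""
    dotted = txt2dotted(oid_text)
    if dotted is None:
        raise ValueError("unknown object " + oid_text)
    body = encode_oid(dotted)
    if critical:                       # DEFAULT FALSE: omitted when false
        body += der_tlv(0x01, b"\xff")
    body += der_tlv(0x04, extn_value_der)
    return der_tlv(0x30, body)


if __name__ == "__main__":
    # basicConstraints = critical, CA:TRUE (value SEQUENCE { BOOLEAN TRUE })
    print(raw_extension("basicConstraints", bytes.fromhex("30030101ff"), True).hex())
    # a private-arc OID not in the table still resolves and encodes
    print(txt2nid("1.3.6.1.4.1.99999.1"), encode_oid("1.3.6.1.4.1.99999.1").hex())
```

Two points worth checking when reviewing config-driven extension code built this way: an OID outside the table is accepted silently (that is the feature the entry adds, and also why a typo in a dotted OID will not be caught), and the "critical" flag travels separately from the value, so a raw value that relying parties cannot parse becomes a hard failure only when it is marked critical.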
  *) Add prototypes to X509 lookup/verify methods, fixing a bug in
     X509_LOOKUP_by_alias().
     [Ben Laurie]

  *) Sort openssl functions by name.
     [Ben Laurie]

  *) Get the gendsa program working (hopefully) and add it to app list. Remove
     encryption from sample DSA keys (in case anyone is interested the password
     was "1234").
     [Steve Henson]

  *) Make _all_ *_free functions accept a NULL pointer.
     [Frans Heymans <fheymans@isaserver.be>]

  *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
     NULL pointers.
     [Anonymous <nobody@replay.com>]

  *) s_server should send the CAfile as acceptable CAs, not its own cert.
     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]

  *) Don't blow it for numeric -newkey arguments to apps/req.
     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]

  *) Temp key "for export" tests were wrong in s3_srvr.c.
     [Anonymous <nobody@replay.com>]

  *) Add prototype for temp key callback functions
     SSL_CTX_set_tmp_{rsa,dh}_callback().
     [Ben Laurie]

  *) Make DH_free() tolerate being passed a NULL pointer (like RSA_free() and
     DSA_free()). Make X509_PUBKEY_set() check for errors in d2i_PublicKey().
     [Steve Henson]

  *) X509_name_add_entry() freed the wrong thing after an error.
     [Arne Ansper <arne@ats.cyber.ee>]

  *) rsa_eay.c would attempt to free a NULL context.
     [Arne Ansper <arne@ats.cyber.ee>]

  *) BIO_s_socket() had a broken should_retry() on Windoze.
     [Arne Ansper <arne@ats.cyber.ee>]

  *) BIO_f_buffer() didn't pass on BIO_CTRL_FLUSH.
     [Arne Ansper <arne@ats.cyber.ee>]

  *) Make sure the already existing X509_STORE->depth variable is initialized
     in X509_STORE_new(), but document the fact that this variable is still
     unused in the certificate verification process.
     [Ralf S. Engelschall]

  *) Fix the various library and apps files to free up pkeys obtained from
     X509_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
     [Steve Henson]

  *) Fix reference counting in X509_PUBKEY_get(). This makes
     demos/maurice/example2.c work, amongst others, probably.
     [Steve Henson and Ben Laurie]

  *) First cut of a cleanup for apps/. First the `ssleay' program is now named
     `openssl' and second, the shortcut symlinks for the `openssl <command>'
     are no longer created. This way we have a single and consistent command
     line interface `openssl <command>', similar to `cvs <command>'.
     [Ralf S. Engelschall, Paul Sutton and Ben Laurie]
| 10183 | 7281 | |||||
| 10184 | *) ca.c: move test for DSA k eys inside #ifndef N O_DSA. Mak e pubkey | 7282 | *) ca.c: move test for DSA k eys inside #ifndef N O_DSA. Mak e pubkey | |||
| 10185 | BIT S TRING wrap per always have zero unused bi ts. | 7283 | BIT S TRING wrap per always have zero unused bi ts. | |||
| 10186 | [Stev e Henson] | 7284 | [Stev e Henson] | |||
| 10187 | 7285 | |||||
| 10188 | *) Add C A.pl, perl version o f CA.sh, a dd extende d key usag e OID. | 7286 | *) Add C A.pl, perl version o f CA.sh, a dd extende d key usag e OID. | |||
| 10189 | [Stev e Henson] | 7287 | [Stev e Henson] | |||
| 10190 | 7288 | |||||
| 10191 | *) Make the top-le vel INSTAL L document ation easi er to unde rstand. | 7289 | *) Make the top-le vel INSTAL L document ation easi er to unde rstand. | |||
| 10192 | [Paul Sutton] | 7290 | [Paul Sutton] | |||
| 10193 | 7291 | |||||
| 10194 | *) Makef iles updat ed to exit if an err or occurs in a sub-d irectory | 7292 | *) Makef iles updat ed to exit if an err or occurs in a sub-d irectory | |||
| 10195 | make (including if user p resses ^C) [Paul Sut ton] | 7293 | make (including if user p resses ^C) [Paul Sut ton] | |||
| 10196 | 7294 | |||||
| 10197 | *) Make Montgomery context s tuff expli cit in RSA data stru cture. | 7295 | *) Make Montgomery context s tuff expli cit in RSA data stru cture. | |||
| 10198 | [Ben Laurie] | 7296 | [Ben Laurie] | |||
| 10199 | 7297 | |||||
| 10200 | *) Fix b uild order of pem an d err to a llow for g enerated p em.h. | 7298 | *) Fix b uild order of pem an d err to a llow for g enerated p em.h. | |||
| 10201 | [Ben Laurie] | 7299 | [Ben Laurie] | |||
| 10202 | 7300 | |||||
| 10203 | *) Fix r enumbering bug in X5 09_NAME_de lete_entry (). | 7301 | *) Fix r enumbering bug in X5 09_NAME_de lete_entry (). | |||
| 10204 | [Ben Laurie] | 7302 | [Ben Laurie] | |||
| 10205 | 7303 | |||||
| 10206 | *) Enhan ced the er r-ins.pl s cript so i t makes th e error li brary numb er | 7304 | *) Enhan ced the er r-ins.pl s cript so i t makes th e error li brary numb er | |||
| 10207 | globa l and can add a libr ary name. This is ne eded for e xternal AS N1 and | 7305 | globa l and can add a libr ary name. This is ne eded for e xternal AS N1 and | |||
| 10208 | other error lib raries. | 7306 | other error lib raries. | |||
| 10209 | [Stev e Henson] | 7307 | [Stev e Henson] | |||
| 10210 | 7308 | |||||
| 10211 | *) Fixed sk_insert which nev er worked properly. | 7309 | *) Fixed sk_insert which nev er worked properly. | |||
| 10212 | [Stev e Henson] | 7310 | [Stev e Henson] | |||
| 10213 | 7311 | |||||
| 10214 | *) Fix A SN1 macros so they c an handle indefinite length co nstruted | 7312 | *) Fix A SN1 macros so they c an handle indefinite length co nstruted | |||
| 10215 | EXPLI CIT tags. Some non s tandard ce rtificates use these : they can now | 7313 | EXPLI CIT tags. Some non s tandard ce rtificates use these : they can now | |||
| 10216 | be re ad in. | 7314 | be re ad in. | |||
| 10217 | [Stev e Henson] | 7315 | [Stev e Henson] | |||
| 10218 | 7316 | |||||
| 10219 | *) Merge d the vari ous old/ob solete SSL eay docume ntation fi les (doc/x xx.doc) | 7317 | *) Merge d the vari ous old/ob solete SSL eay docume ntation fi les (doc/x xx.doc) | |||
| 10220 | into a single d oc/ssleay. txt bundle . This way the infor mation is still | 7318 | into a single d oc/ssleay. txt bundle . This way the infor mation is still | |||
| 10221 | prese rved but n o longer m esses up t his direct ory. Now i t's new ro om for | 7319 | prese rved but n o longer m esses up t his direct ory. Now i t's new ro om for | |||
| 10222 | the n ew set of documenati on files. | 7320 | the n ew set of documenati on files. | |||
| 10223 | [Ralf S. Engels chall] | 7321 | [Ralf S. Engels chall] | |||
| 10224 | 7322 | |||||
| 10225 | *) SETs were incor rectly DER encoded. This was a major pai n, because they | 7323 | *) SETs were incor rectly DER encoded. This was a major pai n, because they | |||
| 10226 | share d code wit h SEQUENCE s, which a ren't code d the same . This mea ns that | 7324 | share d code wit h SEQUENCE s, which a ren't code d the same . This mea ns that | |||
| 10227 | almos t everythi ng to do w ith SETs o r SEQUENCE s has eith er changed name or | 7325 | almos t everythi ng to do w ith SETs o r SEQUENCE s has eith er changed name or | |||
| 10228 | numbe r of argum ents. | 7326 | numbe r of argum ents. | |||
| 10229 | [Ben Laurie, ba sed on a p artial fix by GP Jay an <gp@nsj .co.jp>] | 7327 | [Ben Laurie, ba sed on a p artial fix by GP Jay an <gp@nsj .co.jp>] | |||
| 10230 | 7328 | |||||
| 10231 | *) Fix t est data t o work wit h the abov e. | 7329 | *) Fix t est data t o work wit h the abov e. | |||
| 10232 | [Ben Laurie] | 7330 | [Ben Laurie] | |||
| 10233 | 7331 | |||||
| 10234 | *) Fix t he RSA hea der declar ations tha t hid a bu g I fixed in 0.9.0b but | 7332 | *) Fix t he RSA hea der declar ations tha t hid a bu g I fixed in 0.9.0b but | |||
| 10235 | was a lready fix ed by Eric for 0.9.1 it seems. | 7333 | was a lready fix ed by Eric for 0.9.1 it seems. | |||
| 10236 | [Ben Laurie - p ointed out by Ulf Mö ller <ulf@ fitug.de>] | 7334 | [Ben Laurie - p ointed out by Ulf Mö ller <ulf@ fitug.de>] | |||
| 10237 | 7335 | |||||
| 10238 | *) Autod etect Free BSD3. | 7336 | *) Autod etect Free BSD3. | |||
| 10239 | [Ben Laurie] | 7337 | [Ben Laurie] | |||
| 10240 | 7338 | |||||
| 10241 | *) Fix v arious bug s in Confi gure. This affects t he followi ng platfor ms: | 7339 | *) Fix v arious bug s in Confi gure. This affects t he followi ng platfor ms: | |||
| 10242 | nexts tep | 7340 | nexts tep | |||
| 10243 | ncr-s cde | 7341 | ncr-s cde | |||
| 10244 | unixw are-2.0 | 7342 | unixw are-2.0 | |||
| 10245 | unixw are-2.0-pe ntium | 7343 | unixw are-2.0-pe ntium | |||
| 10246 | sco5- cc. | 7344 | sco5- cc. | |||
| 10247 | [Ben Laurie] | 7345 | [Ben Laurie] | |||
| 10248 | 7346 | |||||
| 10249 | *) Elimi nate gener ated files from CVS. Reorder t ests to re generate f iles | 7347 | *) Elimi nate gener ated files from CVS. Reorder t ests to re generate f iles | |||
| 10250 | befor e they are needed. | 7348 | befor e they are needed. | |||
| 10251 | [Ben Laurie] | 7349 | [Ben Laurie] | |||
| 10252 | 7350 | |||||
| 10253 | *) Gener ate Makefi le.ssl fro m Makefile .org (to k eep CVS ha ppy). | 7351 | *) Gener ate Makefi le.ssl fro m Makefile .org (to k eep CVS ha ppy). | |||
| 10254 | [Ben Laurie] | 7352 | [Ben Laurie] | |||
| 10255 | 7353 | |||||
| 10256 | 7354 | |||||
| 10257 | Changes b etween 0.9 .1b and 0. 9.1c [23- Dec-1998] | 7355 | Changes b etween 0.9 .1b and 0. 9.1c [23- Dec-1998] | |||
| 10258 | 7356 | |||||
| 10259 | *) Added OPENSSL_V ERSION_NUM BER to cry pto/crypto .h and | 7357 | *) Added OPENSSL_V ERSION_NUM BER to cry pto/crypto .h and | |||
| 10260 | chang ed SSLeay to OpenSSL in versio n strings. | 7358 | chang ed SSLeay to OpenSSL in versio n strings. | |||
| 10261 | [Ralf S. Engels chall] | 7359 | [Ralf S. Engels chall] | |||
| 10262 | 7360 | |||||
| 10263 | *) Some fixups to the top-le vel docume nts. | 7361 | *) Some fixups to the top-le vel docume nts. | |||
| 10264 | [Paul Sutton] | 7362 | [Paul Sutton] | |||
| 10265 | 7363 | |||||
| 10266 | *) Fixed the nasty bug where rsaref.h was not fo und under compile-ti me | 7364 | *) Fixed the nasty bug where rsaref.h was not fo und under compile-ti me | |||
| 10267 | becau se the sym link to in clude/ was missing. | 7365 | becau se the sym link to in clude/ was missing. | |||
| 10268 | [Ralf S. Engels chall] | 7366 | [Ralf S. Engels chall] | |||
| 10269 | 7367 | |||||
| 10270 | *) Incor porated th e popular no-RSA/DSA -only patc hes | 7368 | *) Incor porated th e popular no-RSA/DSA -only patc hes | |||
| 10271 | which allow to compile a RSA-free S SLeay. | 7369 | which allow to compile a RSA-free S SLeay. | |||
| 10272 | [Andr ew Cooke / Interrade r Ldt., Ra lf S. Enge lschall] | 7370 | [Andr ew Cooke / Interrade r Ldt., Ra lf S. Enge lschall] | |||
| 10273 | 7371 | |||||
| 10274 | *) Fixed nasty reh ash proble m under `m ake -f Mak efile.ssl links' | 7372 | *) Fixed nasty reh ash proble m under `m ake -f Mak efile.ssl links' | |||
| 10275 | when "ssleay" i s still no t found. | 7373 | when "ssleay" i s still no t found. | |||
| 10276 | [Ralf S. Engels chall] | 7374 | [Ralf S. Engels chall] | |||
| 10277 | 7375 | |||||
| 10278 | *) Added more plat forms to C onfigure: Cray T3E, HPUX 11, | 7376 | *) Added more plat forms to C onfigure: Cray T3E, HPUX 11, | |||
| 10279 | [Ralf S. Engels chall, Bec kmann <bec kman@acl.l anl.gov>] | 7377 | [Ralf S. Engels chall, Bec kmann <bec kman@acl.l anl.gov>] | |||
| 10280 | 7378 | |||||
| 10281 | *) Updat ed the REA DME file. | 7379 | *) Updat ed the REA DME file. | |||
| 10282 | [Ralf S. Engels chall] | 7380 | [Ralf S. Engels chall] | |||
| 10283 | 7381 | |||||
| 10284 | *) Added various . cvsignore files in t he CVS rep ository su bdirs | 7382 | *) Added various . cvsignore files in t he CVS rep ository su bdirs | |||
| 10285 | to ma ke a "cvs update" re ally silen t. | 7383 | to ma ke a "cvs update" re ally silen t. | |||
| 10286 | [Ralf S. Engels chall] | 7384 | [Ralf S. Engels chall] | |||
| 10287 | 7385 | |||||
| 10288 | *) Recom piled the error-defi nition hea der files and added | 7386 | *) Recom piled the error-defi nition hea der files and added | |||
| 10289 | missi ng symbols to the Wi n32 linker tables. | 7387 | missi ng symbols to the Wi n32 linker tables. | |||
| 10290 | [Ralf S. Engels chall] | 7388 | [Ralf S. Engels chall] | |||
| 10291 | 7389 | |||||
| 10292 | *) Clean ed up the top-level documents; | 7390 | *) Clean ed up the top-level documents; | |||
| 10293 | o new files: CH ANGES and LICENSE | 7391 | o new files: CH ANGES and LICENSE | |||
| 10294 | o mer ged VERSIO N, HISTORY * and READ ME* files a CHANGES. SSLeay | 7392 | o mer ged VERSIO N, HISTORY * and READ ME* files a CHANGES. SSLeay | |||
| 10295 | o mer ged COPYRI GHT into L ICENSE | 7393 | o mer ged COPYRI GHT into L ICENSE | |||
| 10296 | o rem oved obsol ete TODO f ile | 7394 | o rem oved obsol ete TODO f ile | |||
| 10297 | o ren amed MICRO SOFT to IN STALL.W32 | 7395 | o ren amed MICRO SOFT to IN STALL.W32 | |||
| 10298 | [Ralf S. Engels chall] | 7396 | [Ralf S. Engels chall] | |||
| 10299 | 7397 | |||||
| 10300 | *) Remov ed dummy f iles from the 0.9.1b source tr ee: | 7398 | *) Remov ed dummy f iles from the 0.9.1b source tr ee: | |||
| 10301 | crypt o/asn1/x c rypto/bio/ cd crypto/ bio/fg cry pto/bio/gr ep crypto/ bio/vi | 7399 | crypt o/asn1/x c rypto/bio/ cd crypto/ bio/fg cry pto/bio/gr ep crypto/ bio/vi | |||
| 10302 | crypt o/bn/asm/. .....add.c crypto/bn /asm/a.out crypto/ds a/f crypto /md5/f | 7400 | crypt o/bn/asm/. .....add.c crypto/bn /asm/a.out crypto/ds a/f crypto /md5/f | |||
| 10303 | crypt o/pem/gmon .out crypt o/perlasm/ f crypto/p kcs7/build crypto/rs a/f | 7401 | crypt o/pem/gmon .out crypt o/perlasm/ f crypto/p kcs7/build crypto/rs a/f | |||
| 10304 | crypt o/sha/asm/ f crypto/t hreads/f m s/zzz ssl/ f ssl/f.ma k test/f | 7402 | crypt o/sha/asm/ f crypto/t hreads/f m s/zzz ssl/ f ssl/f.ma k test/f | |||
| 10305 | util/ f.mak util /pl/f util /pl/f.mak crypto/bf/ bf_locl.ol d apps/f | 7403 | util/ f.mak util /pl/f util /pl/f.mak crypto/bf/ bf_locl.ol d apps/f | |||
| 10306 | [Ralf S. Engels chall] | 7404 | [Ralf S. Engels chall] | |||
| 10307 | 7405 | |||||
| 10308 | *) Added various p latform po rtability fixes. | 7406 | *) Added various p latform po rtability fixes. | |||
| 10309 | [Mark J. Cox] | 7407 | [Mark J. Cox] | |||
| 10310 | 7408 | |||||
| 10311 | *) The G enesis of the OpenSS L rpject: | 7409 | *) The G enesis of the OpenSS L rpject: | |||
| 10312 | We st art with t he latest (unrelease d) SSLeay version 0. 9.1b which Eric A. | 7410 | We st art with t he latest (unrelease d) SSLeay version 0. 9.1b which Eric A. | |||
| 10313 | Young and Tim J . Hudson c reated whi le they we re working for C2Net until | 7411 | Young and Tim J . Hudson c reated whi le they we re working for C2Net until | |||
| 10314 | summe r 1998. | 7412 | summe r 1998. | |||
| 10315 | [The OpenSSL Pr oject] | 7413 | [The OpenSSL Pr oject] | |||
| 10316 | 7414 | |||||
| 10317 | 7415 | |||||
| 10318 | Changes b etween 0.9 .0b and 0. 9.1b [not released] | 7416 | Changes b etween 0.9 .0b and 0. 9.1b [not released] | |||
| 10319 | 7417 | |||||
| 10320 | *) Updat ed a few C A certific ates under certs/ | 7418 | *) Updat ed a few C A certific ates under certs/ | |||
| 10321 | [Eric A. Young] | 7419 | [Eric A. Young] | |||
| 10322 | 7420 | |||||
| 10323 | *) Chang ed some BI GNUM api s tuff. | 7421 | *) Chang ed some BI GNUM api s tuff. | |||
| 10324 | [Eric A. Young] | 7422 | [Eric A. Young] | |||
| 10325 | 7423 | |||||
| 10326 | *) Vario us platfor m ports: O penBSD, Ul trix, IRIX 64bit, Ne tBSD, | 7424 | *) Vario us platfor m ports: O penBSD, Ul trix, IRIX 64bit, Ne tBSD, | |||
| 10327 | DGUX x86, Linux Alpha, et c. | 7425 | DGUX x86, Linux Alpha, et c. | |||
| 10328 | [Eric A. Young] | 7426 | [Eric A. Young] | |||
| 10329 | 7427 | |||||
| 10330 | *) New C OMP librar y [crypto/ comp/] for SSL Recor d Layer Co mpression: | 7428 | *) New C OMP librar y [crypto/ comp/] for SSL Recor d Layer Co mpression: | |||
| 10331 | RLE ( dummy impl emented) a nd ZLIB (r eally impl emented wh en ZLIB is | 7429 | RLE ( dummy impl emented) a nd ZLIB (r eally impl emented wh en ZLIB is | |||
| 10332 | avail able). | 7430 | avail able). | |||
| 10333 | [Eric A. Young] | 7431 | [Eric A. Young] | |||
| 10334 | 7432 | |||||
| 10335 | *) Add - strparse o ption to a sn1pars pr ogram whic h parses n ested | 7433 | *) Add - strparse o ption to a sn1pars pr ogram whic h parses n ested | |||
| 10336 | binar y structur es | 7434 | binar y structur es | |||
| 10337 | [Dr S tephen Hen son <shens on@bigfoot .com>] | 7435 | [Dr S tephen Hen son <shens on@bigfoot .com>] | |||
| 10338 | 7436 | |||||
| 10339 | *) Added "oid_file " to sslea y.cnf for "ca" and " req" progr ams. | 7437 | *) Added "oid_file " to sslea y.cnf for "ca" and " req" progr ams. | |||
| 10340 | [Eric A. Young] | 7438 | [Eric A. Young] | |||
| 10341 | 7439 | |||||
| 10342 | *) DSA f ix for "ca " program. | 7440 | *) DSA f ix for "ca " program. | |||
| 10343 | [Eric A. Young] | 7441 | [Eric A. Young] | |||
| 10344 | 7442 | |||||
| 10345 | *) Added "-genkey" option to "dsaparam " program. | 7443 | *) Added "-genkey" option to "dsaparam " program. | |||
| 10346 | [Eric A. Young] | 7444 | [Eric A. Young] | |||
| 10347 | 7445 | |||||
| 10348 | *) Added RIPE MD16 0 (rmd160) message d igest. | 7446 | *) Added RIPE MD16 0 (rmd160) message d igest. | |||
| 10349 | [Eric A. Young] | 7447 | [Eric A. Young] | |||
| 10350 | 7448 | |||||
| 10351 | *) Added -a (all) option to "ssleay ve rsion" com mand. | 7449 | *) Added -a (all) option to "ssleay ve rsion" com mand. | |||
| 10352 | [Eric A. Young] | 7450 | [Eric A. Young] | |||
| 10353 | 7451 | |||||
| 10354 | *) Added PLATFORM define whi ch is the id given t o Configur e. | 7452 | *) Added PLATFORM define whi ch is the id given t o Configur e. | |||
| 10355 | [Eric A. Young] | 7453 | [Eric A. Young] | |||
| 10356 | 7454 | |||||
| 10357 | *) Added MemCheck_ XXXX funct ions to cr ypto/mem.c for memor y checking . | 7455 | *) Added MemCheck_ XXXX funct ions to cr ypto/mem.c for memor y checking . | |||
| 10358 | [Eric A. Young] | 7456 | [Eric A. Young] | |||
| 10359 | 7457 | |||||
| 10360 | *) Exten ded the AS N.1 parser routines. | 7458 | *) Exten ded the AS N.1 parser routines. | |||
| 10361 | [Eric A. Young] | 7459 | [Eric A. Young] | |||
| 10362 | 7460 | |||||
| 10363 | *) Exten ded BIO ro utines to support RE USEADDR, s eek, tell, etc. | 7461 | *) Exten ded BIO ro utines to support RE USEADDR, s eek, tell, etc. | |||
| 10364 | [Eric A. Young] | 7462 | [Eric A. Young] | |||
| 10365 | 7463 | |||||
| 10366 | *) Added a BN_CTX to the BN library. | 7464 | *) Added a BN_CTX to the BN library. | |||
| 10367 | [Eric A. Young] | 7465 | [Eric A. Young] | |||
| 10368 | 7466 | |||||
| 10369 | *) Fixed the weak key values in DES li brary | 7467 | *) Fixed the weak key values in DES li brary | |||
| 10370 | [Eric A. Young] | 7468 | [Eric A. Young] | |||
| 10371 | 7469 | |||||
| 10372 | *) Chang ed API in EVP librar y for ciph er aliases . | 7470 | *) Chang ed API in EVP librar y for ciph er aliases . | |||
| 10373 | [Eric A. Young] | 7471 | [Eric A. Young] | |||
| 10374 | 7472 | |||||
| 10375 | *) Added support f or RC2/64b it cipher. | 7473 | *) Added support f or RC2/64b it cipher. | |||
| 10376 | [Eric A. Young] | 7474 | [Eric A. Young] | |||
| 10377 | 7475 | |||||
| 10378 | *) Conve rted the l hash libra ry to the crypto/mem .c functio ns. | 7476 | *) Conve rted the l hash libra ry to the crypto/mem .c functio ns. | |||
| 10379 | [Eric A. Young] | 7477 | [Eric A. Young] | |||
| 10380 | 7478 | |||||
| 10381 | *) Added more reco gnized ASN .1 object ids. | 7479 | *) Added more reco gnized ASN .1 object ids. | |||
| 10382 | [Eric A. Young] | 7480 | [Eric A. Young] | |||
| 10383 | 7481 | |||||
| 10384 | *) Added more RSA padding ch ecks for S SL/TLS. | 7482 | *) Added more RSA padding ch ecks for S SL/TLS. | |||
| 10385 | [Eric A. Young] | 7483 | [Eric A. Young] | |||
| 10386 | 7484 | |||||
| 10387 | *) Added BIO proxy /filter fu nctionalit y. | 7485 | *) Added BIO proxy /filter fu nctionalit y. | |||
| 10388 | [Eric A. Young] | 7486 | [Eric A. Young] | |||
| 10389 | 7487 | |||||
| 10390 | *) Added extra_cer ts to SSL_ CTX which can be use d | 7488 | *) Added extra_cer ts to SSL_ CTX which can be use d | |||
| 10391 | send extra CA c ertificate s to the c lient in t he CA cert chain sen ding | 7489 | send extra CA c ertificate s to the c lient in t he CA cert chain sen ding | |||
| 10392 | proce ss. It can be config ured with SSL_CTX_ad d_extra_ch ain_cert() . | 7490 | proce ss. It can be config ured with SSL_CTX_ad d_extra_ch ain_cert() . | |||
| 10393 | [Eric A. Young] | 7491 | [Eric A. Young] | |||
| 10394 | 7492 | |||||
| 10395 | *) Now F ortezza is denied in the authe ntication phase beca use | 7493 | *) Now F ortezza is denied in the authe ntication phase beca use | |||
| 10396 | this is key exc hange mech anism is n ot support ed by SSLe ay at all. | 7494 | this is key exc hange mech anism is n ot support ed by SSLe ay at all. | |||
| 10397 | [Eric A. Young] | 7495 | [Eric A. Young] | |||
| 10398 | 7496 | |||||
| 10399 | *) Addit ional PKCS 1 checks. | 7497 | *) Addit ional PKCS 1 checks. | |||
| 10400 | [Eric A. Young] | 7498 | [Eric A. Young] | |||
| 10401 | 7499 | |||||
| 10402 | *) Suppo rt the str ing "TLSv1 " for all TLS v1 cip hers. | 7500 | *) Suppo rt the str ing "TLSv1 " for all TLS v1 cip hers. | |||
| 10403 | [Eric A. Young] | 7501 | [Eric A. Young] | |||
| 10404 | 7502 | |||||
| 10405 | *) Added function SSL_get_ex _data_X509 _STORE_CTX _idx() whi ch gives t he | 7503 | *) Added function SSL_get_ex _data_X509 _STORE_CTX _idx() whi ch gives t he | |||
| 10406 | ex_da ta index o f the SSL context in the X509_ STORE_CTX ex_data. | 7504 | ex_da ta index o f the SSL context in the X509_ STORE_CTX ex_data. | |||
| 10407 | [Eric A. Young] | 7505 | [Eric A. Young] | |||
| 10408 | 7506 | |||||
| 10409 | *) Fixed a few mem ory leaks. | 7507 | *) Fixed a few mem ory leaks. | |||
| 10410 | [Eric A. Young] | 7508 | [Eric A. Young] | |||
| 10411 | 7509 | |||||
| 10412 | *) Fixed various c ode and co mment typo s. | 7510 | *) Fixed various c ode and co mment typo s. | |||
| 10413 | [Eric A. Young] | 7511 | [Eric A. Young] | |||
| 10414 | 7512 | |||||
| 10415 | *) A min or bug in ssl/s3_cln t.c where there woul d always b e 4 0 | 7513 | *) A min or bug in ssl/s3_cln t.c where there woul d always b e 4 0 | |||
| 10416 | bytes sent in t he client random. | 7514 | bytes sent in t he client random. | |||
| 10417 | [Edwa rd Bishop <ebishop@s pyglass.co m>] | 7515 | [Edwa rd Bishop <ebishop@s pyglass.co m>] | |||
| 10418 | 7516 |
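The "SETs were incorrectly DER encoded" entry above turns on one rule: a DER SEQUENCE keeps the order it is given, while the elements of a DER SET OF must be emitted in ascending order of their encoded octets (X.690 11.6), so sharing one encoder for both produces invalid SETs. The following Python is an added example, not OpenSSL code: a minimal DER encoder for both constructs plus the canonical-order check a strict DER parser applies to a SET OF; the tag constants, helper names and sample values are constructed for the example.

```python
# Added example (not OpenSSL code): DER SEQUENCE vs. DER SET OF.
SEQUENCE_TAG = 0x30   # constructed, universal tag 16
SET_TAG = 0x31        # constructed, universal tag 17
INTEGER_TAG = 0x02

def der_length(n: int) -> bytes:
    """DER definite length: short form below 128, minimal long form above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_length(len(content)) + content

def der_integer(value: int) -> bytes:
    """Non-negative INTEGER; a leading 0x00 only when the top bit is set."""
    if value < 0:
        raise ValueError("example handles non-negative integers only")
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return der_tlv(INTEGER_TAG, body)

def der_sequence(elements: list) -> bytes:
    """SEQUENCE: the caller's order is the wire order."""
    return der_tlv(SEQUENCE_TAG, b"".join(elements))

def der_set_of(elements: list) -> bytes:
    """SET OF: elements sorted by their encoded octets (X.690 11.6).
    Python bytes ordering ranks a proper prefix first, which matches the
    standard's zero-padded comparison for any distinct encodings."""
    return der_tlv(SET_TAG, b"".join(sorted(elements)))

def read_tlv(buf: bytes, pos: int):
    """Read one TLV at pos -> (tag, content, next_pos). Single-octet tags and
    definite lengths only; rejects indefinite and non-minimal lengths."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length is not DER")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80 or buf[pos] == 0:
            raise ValueError("non-minimal length encoding is not DER")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:end], end

def set_of_is_canonical(der: bytes) -> bool:
    """True iff der is a SET whose elements are in DER order. BER accepts
    any order; a strict DER decoder must reject an unsorted SET OF."""
    tag, content, end = read_tlv(der, 0)
    if tag != SET_TAG or end != len(der):
        return False
    elements, pos = [], 0
    while pos < len(content):
        _, _, nxt = read_tlv(content, pos)
        elements.append(content[pos:nxt])
        pos = nxt
    return elements == sorted(elements)

if __name__ == "__main__":
    ints = [der_integer(300), der_integer(5), der_integer(128)]  # constructed sample
    print(der_sequence(ints).hex())  # 300b0202012c02010502020080 (order kept)
    print(der_set_of(ints).hex())    # 310b020105020200800202012c (sorted)
    print(set_of_is_canonical(der_tlv(SET_TAG, b"".join(ints))))  # False
```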
Araxis Merge (but not the data content of this report) is Copyright © 1993-2009 Araxis Ltd (www.araxis.com). All rights reserved.